Avengers Assemble: Threat Modeling Kubernetes Clusters at a... Sai Charan Teja Gopaluni & Jamal Arif скачать в хорошем качестве

Avengers Assemble: Threat Modeling Kubernetes Clusters at a... Sai Charan Teja Gopaluni & Jamal Arif

Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon North America in Salt Lake City from November 12 - 15, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at https://kubecon.io Avengers Assemble: Threat Modeling Kubernetes Clusters at a Massive Scale - Sai Charan Teja Gopaluni & Jamal Arif, Amazon Web Services Microservices architectural patterns are complex, and are becoming increasingly more complex and capable over time, delivering more business value and increased customer satisfaction and engagement. This means that design decisions need to account for an ever-increasing number of use cases, and be made in a way that mitigates potential security threats that may lead to business-impacting outcomes, including unauthorized access to data, denial of service, and resource misuse. During design phase, Information Security teams within an organization would employ Threat modeling as a process to identify potential threats such as structural vulnerabilities or the absence of appropriate safeguards and prioritize countermeasures. In this talk, we will see how threat modeling can be applied at Kubernetes service level by identifying access points, exfiltration points and discuss controls applicable at each level