DS21 - Marc Nimmerrichter - Kubernetes Security, Challenge or Chance скачать в хорошем качестве

DS21 - Marc Nimmerrichter - Kubernetes Security, Challenge or Chance

For anyone in IT and IT-security, there seems to be no way around Kubernetes. Containerization has changed the way software is developed, deployed, and operated. Microservices is the new paradigm. Many information security teams around the world, who see the adoption of Kubernetes and microservice-architectures in their organization, discuss just now: What does containerization and Kubernetes mean to security and how to fit this technology into our existing architectures and processes? In this talk we will dissect the various components of Kubernetes and how they work technically under the hood. We will investigate common pitfalls and how they could be exploited to gain privileges, take over components or compromise the whole cluster and learn how to avoid these issues. But let’s not only talk about the risks. There are also new chances for more security with containers and Kubernetes in contrast to previous deployment models and technologies. But only when it’s done right! Marc Nimmerrichter started specialising in information security during his studies in IT and information security. He has worked for many years as pentester and IT-security consultant and currently he works as Managing Partner at Certitude Consulting GmbH. He has advised well-known IT service providers, software developers, banks and federal authorities in Europe. He specialized in Kubernetes security early - At a time when Kubernetes security guides were scarce. Marc has performed Kubernetes security audits for various clients in software development, telecommunications, health care and the public sector.