Kubernetes Audit Logging

Presented by

Randy Franklin Smith (UWS) with Rich Bakos and Kyle Senescu

About this talk

Applications are increasingly being containerized, and when that happens, they are likely to find their way to a cluster within a container-orchestration system like Kubernetes. However, containerized applications are only as safe as the Kubernetes cluster they run in. So how do you ensure a secure environment? The answer is visibility. In this on-demand webinar, LogRhythm sales engineers join Ultimate Security Windows Host Randy Franklin Smith to introduce you to Kubernetes audit logging. The presenters demonstrate how to use the LogRhythm NextGen SIEM Platform to gain visibility into your Kubernetes clusters. Explore Kubernetes audit logging and learn how to isolate important events to reduce the noise from all other events. Smith provides examples of real Kubernetes audit events to show you audit policies in action. LogRhythm sales engineers build on Smith’s introduction and apply those learnings with security considerations in mind to show you how to: - Ensure you create an approved container image - Ensure the API isn’t open to the outside world - Track inbound and outbound traffic from the cluster and pods - Monitor and visualize container log data

Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (231)
Subscribers (71371)
LogRhythm helps busy and lean security operations teams save the day—day after day. There’s a lot riding on the shoulders of security professionals—the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources—the weight of protecting the world. LogRhythm helps lighten this load. The company is on the frontlines defending against many of the world’s most significant cyberattacks and empowers security teams to navigate an ever-changing threat landscape with confidence. As allies in the fight, LogRhythm combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps.