By design, cloud native applications are more accessible (and thus more vulnerable) than on-prem environments. You can’t air gap a cloud environment, which increases the potential for mistakes. Additionally, we all accept that it is not feasible to have a perfect patch program, and therefore some risks are (hopefully) weighed and accepted.
On April 7th, 2022 at 1:00 p.m., GMT, (ISC)² and Palo Alto will discuss research on the blast radius of open source Helm charts and how vulnerabilities in Kubernetes-based applications are a chain of potential attack vectors. We’ll talk about best practices for locking these applications down to minimize the attack surface.