Misconfiguration in Containers Deployment and Kubernetes: Risks and Fixes

Presented by

Zohar Kaufman, VP R&D and Ariel Shuper, VP Product Portshift.io

About this talk

Human error remains a persistent cause of the majority of container security incidents. According to Gartner, 95% of cloud security failures are rooted in mistakes made by users. As your application workloads become more distributed and run in containers managed by Kubernetes, the risk of a misconfigured component exposing you to a security incident grows. In today’s DevOps driven, application development environment, configuration management must be as automated and streamlined as possible for it to be effective. It should be comprehensive, covering not just the pods deployments, but also the Kubernetes objects (e.g. ConfigMap) and settings (Roles, Roles bindning, Security Context, Secrets etc.) Join our session to learn about configuration management best practices and how to avoid the common misconfiguration pitfalls of containers and Kubernetes. On our Talk Session, Ariel Shuper and Zohar Kaufnam will discuss - * Kubernetes RBAC misconfiguration, detection and mitigation * Secrets management best practices * Security Context and Pod Security Policies * Automated policies generations with Developers manifests * Network policies - The good, the bad and the ugly * Kubernetes APIs protection

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (12)
Subscribers (1008)
Portshift is a Kubernetes-native security leader leveraging the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications protection. Portshift is the only solution offering an agentless approach, with a single Kubernetes admission controller for seamless integration.