KUBERNETES BEST PRACTICES 2022

Cloud Security Podcast

Oct 10, 2022•51 min•Season 3Ep. 47

--:--

Listen in podcast apps:

Apple Podcasts

Spotify

Download

Listen to this episode in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jimmy Mesta (Jimmy's Twitter) about OWASP Kubernetes Top 10 and best practices for securing Kubernetes

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Jimmy Mesta (Jimmy's Twitter)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Ashish's Intro to the Episode

(01:39) https://snyk.io/csp

(03:55) What is Kubernetes?
(05:15 )Kubernetes vs Containers
(06:38) Kubernetes and Docker
(09:08) Unmanaged Kubernetes
(11:14) Managed Kubernetes
(13:39) Security for Kubernetes Clusters
(15:42) OWASP top 10 Web Application
(17:59) Starting to build Kubernetes Cluster or Pod
(23:09) Security Misconfigurations in Kubernetes
(28:42) Supply Chain Vulnerabilities in Kubernetes
(32:06) RBAC and Policy Enforcement
(33:32) Logging and Monitoring in Kubernetes
(34:30) Broken Authentication
(35:17) Missing network segment approach
(36:07) Secrets Management Failure
(37:09) Misconfigured Cluster Components
(38:15) Outdated and vulnerable kubernetes component
(42:37) Asset Inventory for Kubernetes Cluster
(44:53) Threat Modelling in Kubernetes
(46:20)Cert management in Kubernetes
(48:02) Learn more about securing Kubernetes

For the best experience, listen in Metacast app for iOS or Android