Kubernetes offers incredible power for scaling applications, but its complexity creates significant security challenges. How can engineering teams navigate this minefield and implement effective safeguards? This episode dives deep into a fascinating research paper that systematically gathers real-world Kubernetes security practices, not from textbooks, but from the collective wisdom found in blog posts, talks, and tutorials online – the "grey literature."
We explore the findings from "XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices" by researchers from Tennessee Technological University. Learn about their unique methodology for analyzing internet artifacts and discover the resulting "XI Commandments" – a prioritized list of crucial security measures like configuring RBAC, implementing Network Policies, scanning images, and the often-overlooked need to properly secure etcd and Kubernetes Secrets. Understand why default settings aren't enough and gain actionable insights grounded in the practical experiences of engineers in the trenches.
Read the original paper: http://arxiv.org/abs/2006.15275v1
Music: "A Difficult Subject" by The Insider
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Breakfast Club
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!