SE Radio 678: Chris Love on Kubernetes Security

Chris Love, co-author of the book Core
Kubernetes, joins host Robert Blumen for a conversation about
kubernetes security. Chris identifies the node layer, secrets
management, the network layer, contains, and pods as the most
critical areas to be addressed.


The conversation explores a range of topics, including when to
accept defaults and when to override; differences between
self-managed clusters and cloud-service provider-managed
clusters; and what can go wrong at each layer -- and how to
address these issues. They further discuss managing the node
layer; network security best practices; kubernetes secrets and
integration with cloud-service provider secrets; container
security; pod security, and Chris offers his views on
policy-as-code frameworks and scanners.


Brought to you by IEEE Computer Society and IEEE
Software magazine.