Kubernetes & Container Security Solutions Forum 2022

Containers have become the primary approach to distributing and deploying software for many organizations. Unfortunately, containerized applications can quickly become hard to manage on a large scale using the command line. That’s why container orchestration solutions such as Kubernetes are helping with this adoption and have become vital for organizations leveraging containers. There are many benefits of automating tasks for deployment, scaling, updates, and the overall management of containerized applications. However, it is essential to realize that these tools can also create vulnerabilities in your environment without appropriate security measures in place.
According to the latest reports, over 86% of the organizations leverage Kubernetes to manage their container workloads. As a result, attackers are shifting their focus to these technologies for their attacks. First with compromised and vulnerable containers, and lately focusing exposed and misconfigured clusters. It is vital to have the right tools in place to protect your environment against such attacks. Approaches such as image scanning, admission controllers, and runtime security are very relevant in these scenarios. By leveraging the right tools, you will better understand your container environment and detect different misconfigurations and compromise attempts.

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once and you're set for all events in 2022!

>>>>Download a copy of the presentations here!

Kubernetes Solutions Forum 2022


Anjuna logoElastic_Logo.pngmark.pngSUSE_Logo-hor_L_Black-pos_sRGB.pngCopy_of_Styra_Logo_Horizontal_Blue_1000px_RGB_72dpi-01.pngsysdig_logo-black_with_tagline.png

Agenda | August 26,2022 | 10:30 AM - 1:00PM EDT



10:30 AM

Welcome & Opening Remarks

Magno Logan, SANS Instructor & Subject Matter Expert

10:45 AM

Block the Drift, Prevent the Attack at Runtime

Given the dynamic nature of cloud-native environments and the inadequacy of legacy security tools and practices carried over to the cloud, teams often are blind to container drift, especially at scale. Drift Control closes the dangerous security gaps created by modifications in running containers by automatically flagging and denying deviations from the trusted original container. Participants will leave the session with a clear understanding how to: - Move away from legacy practices that don’t work in cloud-native environments - Prevent attacks by blocking container drift in production - Enforce immutability best practice - Enable easy and effective security

Daniella Pontes, Security Product Marketing Manager, Sysdig

11:20 AM

Dynamic Authorization and Policy Control for Your Kubernetes Cluster

When you adopt Kubernetes for production, how do you, a cluster administrator, enforce requirements from security and compliance teams, and how do you allow for differing levels of developer expertise? Like most systems, you put guardrails on the cluster to limit how teams (ab)use the cluster, but with Kubernetes those guardrails look quite different because Kubernetes differentiates runtime-state (what is actually happening) and desired-state (what is supposed to happen). Treating desired-state as separate from runtime-state enables you to put guardrails on the instructions developers give to Kubernetes and in so doing avoid runtime problems even before they happen. Dozens of companies have found that enforcing desired-state security policies is crucial for putting Kubernetes into production; Kubernetes is simply too flexible and too powerful to hand over to even relatively small teams without basic guardrails like ensuring images are pulled from trusted repositories and avoiding network configurations where one application steals another application’s traffic.

Ash Narkar, Software Engineer, Open Source

11:55 AM


12:10 PM

Automating Kubernetes Security and Protecting Your Applications from the Unknown

With the common pace of application release and development in containerized environments it becomes increasingly difficult for organizations to catch up with the security part, in this presentation we will show you how easy it is to go beyond traditional methods to mitigate security risks in kubernetes environments and protect your running container applications by integrating SUSE NeuVector into your CI/CD pipeline and using its application behavior learning capabilities to create security policies that can protect from zero-day exploits and unexpected application behaviors in your whole kubernetes infrastructure, all this without compromising the speed of your development.

Raul Mahiques Martinez, Security Technical Marketing Manager, SUSE

12:45 PM

Why High Fidelity Visibility Matters in Kubernetes

Kubernetes adoption is outpacing the expertise in the area, and security practitioners are dealing with new threats. Coupling this with little visibility into their own infrastructure, oftentimes teams don’t know who is in their cloud and what they are doing. In this talk, we will discuss how to get a clear understanding of these concepts and how to best detect and prevent unwanted activity or use of Kubernetes.

Scott Holt, Senior Solutions Architect, Elastic

1:20 PM

Wrap-Up and Closing Remarks

Magno Logan, SANS Instructor & Subject Matter Expert