Container Platform Security with Maya Kaczorowski

SE Daily
By
Podcast Tuesday, April 30 2019

Podcast: Play in new window | Download

Subscribe: RSS

A Kubernetes instance occupies a wide footprint of multiple servers, creating an appealing target to an attacker, due to its access to a large pool of compute resources. A common attack against an exposed Kubernetes cluster is to take it over for the purposes of mining cryptocurrency. Thus it is important to keep a cluster secure.

The importance of security is magnified for a cloud provider. A cloud provider runs a managed Kubernetes service, which might be running thousands of Kubernetes clusters. If the cloud provider’s chosen distribution of Kubernetes contains a vulnerability, or if the Kubernetes instances are misconfigured, all of these clusters could be exposed to the same vulnerability.

Maya Kaczorowski works on the security of Google’s managed Kubernetes service GKE. In today’s show we discuss the attack surface of a managed Kubernetes service. Maya was previously on the show to talk about container security. This episode is a good companion to that one, as well as a previous show with Liz Rice about container security.

RECENT UPDATES:

FindCollabs is a company I started recently

The FindCollabs Podcast is out!

FindCollabs is hiring a React developer

FindCollabs Hackathon #1 has ended! Congrats to ARhythm, Kitspace, and Rivaly for winning 1st, 2nd, and 3rd place ($4,000, $1000, and a set of SE Daily hoodies, respectively). The most valuable feedback award and the most helpful community member award both go to Vynce Montgomery, who will receive both the SE Daily Towel and the SE Daily Old School Bucket Hat

We are booking sponsorships for Q3, find more details at https://softwareengineeringdaily.com/sponsor/

Podsheets is our open source set of tools for managing podcasts and podcast businesses

New version of Software Daily, our app and ad-free subscription service

Transcript

Transcript provided by We Edit Podcasts. Software Engineering Daily listeners can go to weeditpodcasts.com/sed to get 20% off the first two months of audio editing and transcription services. Thanks to We Edit Podcasts for partnering with SE Daily. Please click here to view this show’s transcript.


POPULAR

Software Daily

Software Daily

 
Subscribe to Software Daily, a curated newsletter featuring the best and newest from the software engineering community.


Exclusive Articles

Developing Dave the Diver with Jaeho Hwang and Minsuk Cha

Spring AI and Java in 2024

Going Open Source at Convex with James Cowling

Cloud Engineering

Building Chess.com with Jay Severson

Mastodon with Eugen Rochko

AWS re:Invent Special: PartyRock Generative AI Apps with Mike Miller

Business and Philosophy

KubeCon Special: Docker with Justin Cormack

Software Architecture with Josh Prismon

Engineering Transformation at Scale with Chris Dillon

Greatest Hits

Hardening C++ with Bjarne Stroustrup

Surviving ChatGPT with Christian Hubicki

Special Episode with George Hotz

Popular

  1. Going Open Source at Convex with James Cowling
  2. Why We Switched from Python to Go
  3. Netflix Engineering with Jay Phelps
  4. Authlete and Making OAuth Accessible with Justin Richer
  5. Slack Data Platform with Josh Wills

Hackers

Making React 70% faster with Aiden Bai of Million.js

Cross-functional Incident Management with Ashley Sawatsky and Niall Murphy

SDKs for your API with Sagar Batchu

Data

Spring AI and Java in 2024

Iceberg at Netflix and Beyond with Ryan Blue

Building a Data Lake with Adam Ferrari