Using Policy-as-Code to Manage Security Risk in K8s Before & After Deployment

Feb 04, 2021

Modern Kubernetes applications are deployed on a wide range of hosting environments, from multitenant clusters in the cloud to specialized microclusters at the edge. Recent security disclosures, such as those associated with CVE-2020-8554 and CVE-2020-8569, highlight the need for development teams to protect their applications against weaknesses that may be exposed through the runtime environment.

This presentation will demonstrate how Kubernetes development teams can improve security with policy as code, using open standards such as the Open Policy Agent (OPA) and open source IaC scanners such as Terrascan. OPA provides a standard tool for codifying and evaluating policies, and Terrascan provides hundreds of pre-built policies aligned to best practices for Kubernetes, common cloud environments, and package managers such as Helm. Used together, they help you establish and enforce security policies during development that will help eliminate security risks before services and applications are deployed, and build those policies into the application so it can remain secure when faced with attacks in the runtime environment.

Speaker: Cesar Rodriguez, Head of Developer Advocacy, Accurics

Presented with Cloud Native Computing Foundation on February 4, 2021.

TAG Cyber chats with Accurics on their self-healing cloud native infrastructure

A Practical Approach for Injecting Sec into DevOps with Jon Jarboe

TechStrong TV: The Cloud Cyber Resilience Report findings with Om Moolchandani

We use cookies to ensure you get the best experience on our website. By continuing to browse this site, you acknowledge the use of cookies.