Virtual Event
July 30–August 1, 2020


Please note: This schedule is automatically displayed in China Standard Time (CST).

The schedule is subject to change.
Friday, July 31 • 17:40 - 18:10
The Least Privilege of Kubernetes - Kaizhe Huang, Sysdig

The principle of least privilege states that each component of the ecosystem should have minimal access to data and resources for it to function. In this presentation, we will first introduce the principle of least privilege. Given the complexity of Kubernetes, we will first look into Kubernetes subjects and privilege grants. Then we will talk about the privileges of Kubernetes workloads and the possible ways to restrict them. The goal of this presentation is to help the audience understand a few critical concepts: the principle of least privilege, role-based access control (RBAC), different Kubernetes objects like namespaces, service accounts, roles and role bindings which can be used to implement the principle of least privilege for Kubernetes subjects, as well as security mechanisms like Security Context, PodSecurityPolicy, and NetworkPolicy for Kubernetes workloads.

Speakers
Kaizhe Huang

Security Researcher, Sysdig
Kaizhe Huang is a security researcher at Sysdig, where he researches defending Kubernetes and containers from attacks ranging from web to kernel. Kaizhe is one of the maintainers of Falco, an incubation-level CNCF project, and the original author of multiple open source projects...


Friday July 31, 2020 17:40 - 18:10 CST
Virtual Room 4