The Trust Is Out There: Zero-Trust for Kubernetes Explained

Organizations are scaling their usage of Kubernetes in production, and in parallel, the Kubernetes threat landscape continues to evolve as new vulnerabilities and attack vectors are discovered. Additionally, the Kubernetes networking model involves several moving pieces that introduce complexity for cluster operators. As a result, organizations must tackle several challenges to effectively secure their containerized and microservices-based applications. Applying a zero-trust model to protecting Kubernetes can significantly improve the security posture of these environments.

This talk will outline key ways that organizations can get started on achieving a zero-trust model for securing their Kubernetes applications. It will provide a brief overview of Kubernetes cluster networking, relevant threat vectors, foundational principles of a zero-trust architecture, and security best practices for implementing those principles. It will also highlight available technologies within the broader Kubernetes ecosystem, namely service meshes, that can enable zero-trust network security, as well as the tradeoffs that they introduce.



   Wei Lien Dang

   Co-founder & Chief Strategy Officer