Kubernetes has many built-in security features but that doesn’t mean it’s secure right out of the box. Security for dependency management is still lacking and new attack vectors, such as malicious containers, are emerging. Despite advances in security, the API remains Kubernetes’ main entry point for attackers.

The good news is that security teams have learned a lot about how to protect Kubernetes deployments and applications running on containers over the past few years. Such threats can be more easily addressed through a combination of workflows and tooling that span developers, security teams and IT operations (“DevSecOps”). For example, malicious containers and other attack vectors are easy to spot through anomaly detection and scanning tools.

In this edition of The New Stack Makers podcast, Robert Haynes, cloud security evangelist for Palo Alto Networks, discusses Kubernetes security above and beyond the native features, as well as the evolution of the Kubernetes vulnerability landscape since the first API attacks took place a few years ago. Alex Williams, founder and publisher of The New Stack, hosted this episode.

#containers #kubernetes #security #podcast #sponsored #the new stack makers