How Kubernetes Vulnerabilities Have Shifted Since the First API Attacks

How Kubernetes Vulnerabilities Have Shifted Since the First API Attacks

Kubernetes has many built-in security features but that doesn’t mean it’s secure right out of the box. Security for dependency management is still lacking and new attack vectors, such as malicious containers, are emerging.

Kubernetes has many built-in security features but that doesn’t mean it’s secure right out of the box. Security for dependency management is still lacking and new attack vectors, such as malicious containers, are emerging. Despite advances in security, the API remains Kubernetes’ main entry point for attackers.

The good news is that security teams have learned a lot about how to protect Kubernetes deployments and applications running on containers over the past few years. Such threats can be more easily addressed through a combination of workflows and tooling that span developers, security teams and IT operations (“DevSecOps”). For example, malicious containers and other attack vectors are easy to spot through anomaly detection and scanning tools.

In this edition of The New Stack Makers podcast, Robert Haynes, cloud security evangelist for Palo Alto Networks, discusses Kubernetes security above and beyond the native features, as well as the evolution of the Kubernetes vulnerability landscape since the first API attacks took place a few years ago. Alex Williams, founder and publisher of The New Stack, hosted this episode.

containers kubernetes security podcast sponsored the new stack makers

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

50+ Useful Kubernetes Tools for 2020 - Part 2

Our original Kubernetes tool list was so popular that we've curated another great list of tools to help you improve your functionality with the platform.

Free Your Apps, Simplify Your Operations – The New Stack

Join us tomorrow and explore with Dell Technologies getting infrastructure ready for modern apps, and centrally managing clouds and cluster.

The New Stack Context: Is Kubernetes the New App Server?

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with Tina Nolte, vice president of product, for Kubernetes management service Spectro Cloud, about why we shouldn’t think of containers/Kubernetes as just another form of virtualization.

The New Stack Context: Operators Can Be a Security Hazard

Alcide's Gadi Naor explains his worries about operators, a framework used to manage complex applications on Kubernetes and other security-related topics.

Kelsey Hightower on His Very Personal Kubernetes Journey

Kelsey Hightower speaks about his role in Kubernetes since the beginning, his thoughts on the project’s leadership today and the challenges that lay ahead.