Kubernetes Podcast from Google

Kubernetes Pen Testing, with Jesper Larsson

Nov 29, 2023

Jesper Larsson, a Freelance PenTester, discusses the importance of security in Kubernetes and infrastructure as code. They cover topics such as access permissions, web application vulnerabilities, pen testing experiences, and common mistakes to avoid. Jesper also shares his background in hacking and penetration testing, emphasizing the significance of networking at meetups. The podcast explores vulnerabilities in third-party software companies and the limitations of using example code. They also discuss an AI tool for analyzing overprivileged accounts in Google Cloud.

51:13

Creator website

Episode guests

Jesper Larsson

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Storing secrets in ConfigMaps is a common mistake and not a secure storage solution for sensitive information.

Understanding the differences between Kubernetes RBAC and IAM roles is crucial for secure access management in cloud environments.

Deep dives

Common Mistake 1: Using ConfigMaps for secrets

Jesper Larsen emphasizes the common mistake of using ConfigMaps to store secrets, even though it is explicitly mentioned in the documentation that it is not a secure storage solution for sensitive information.

General recommendations for better application development in Kubernetes

02:30

AI-based Analysis of Overprivileged Accounts in Google Cloud

00:44

Introduction

4min

Jesper's Background in Hacking and Penetration Testing

4min

Securing Kubernetes and Infrastructure as Code

26min

Meeting Jesper and the Importance of Networking at Meetups

2min

Security in Third-Party Software Companies

5min

Limitations and Security Issues with Example Code Usage

7min

AI-based Analysis of Overprivileged Accounts in Google Cloud

3min

Jesper Larsson is a Freelance PenTester. Jesper works with a hacker community called Cure53. Co-organizes SecurityFest in Gothenburg, Sweden. Hosts Säkerhetspodcasten or The Security Podcast. Jesper is also a Star on Hackad, a Swedish TV Series about hacking.

Do you have something cool to share? Some questions? Let us know:

- web: kubernetespodcast.com

- mail: kubernetespodcast@google.com

- twitter: @kubernetespod

News of the week

Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29

Introducing SIG etcd

etcd, with Marek Siarkowicz and Wenjia Zhang (The Kubernetes Podcast from Google)

WebAssembly (WASM) and OpenShift: A Powerful Duo for Modern Applications

Linux Foundation Events

Pass the torch in ContribEx #7603

Links from the interview