Kubernetes Podcast from Google

Kubernetes Pen Testing, with Jesper Larsson

Nov 29, 2023
Jesper Larsson, a freelance penetration tester, discusses the importance of security in Kubernetes and infrastructure as code. They cover topics such as access permissions, web application vulnerabilities, pen testing experiences, and common mistakes to avoid. Jesper also shares his background in hacking and penetration testing, emphasizing the significance of networking at meetups. The podcast explores vulnerabilities in third-party software companies and the limitations of using example code. They also discuss an AI tool for analyzing overprivileged accounts in Google Cloud.
51:13

Podcast summary created with Snipd AI

Quick takeaways

  • Storing secrets in ConfigMaps is a common mistake; ConfigMaps are not a secure storage solution for sensitive information.
  • Understanding the differences between Kubernetes RBAC and IAM roles is crucial for secure access management in cloud environments.

Deep dives

Common Mistake 1: Using ConfigMaps for secrets

Jesper Larsson emphasizes the common mistake of using ConfigMaps to store secrets, even though the documentation explicitly states that ConfigMaps are not a secure storage solution for sensitive information.
