Cailyn Edwards, Senior Security Engineer at Shopify, discusses the complexities of Kubernetes Network Security in a multi-tenant environment, including tools and tactics for securing Kubernetes environments. She also shares insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
26:22
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
insights INSIGHT
Kubernetes Networking Is Open by Default
Kubernetes networking resembles traditional networking externally but is a flat internal network needing explicit security configuration.
Kubernetes is not secure by default; it opens all communication by design, relying on user-specified restrictions via YAML.
question_answer ANECDOTE
Multi-Tenancy Explained with Roommates
Multi-tenancy in Kubernetes is like sharing an apartment with different roommates having various comfort levels.
You must protect your space from risky roommates to prevent unauthorized access between workloads.
volunteer_activism ADVICE
Use Kubernetes Security Checklist
Use the Kubernetes Security Checklist to proactively enable built-in security features suited to your infrastructure.
Regularly audit your cluster configuration to prevent common misconfigurations and vulnerabilities.
Get the Snipd Podcast app to discover more snips from this episode
Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant setups, tools and tactics for securing Kubernetes environments, insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
Thank you to our episode sponsor Vanta - You can check them out at vanta.com/cloud
(00:00) Introduction
(02:25) A bit about Cailyn
(03:08) How is Kubernetes Networking different?
(04:20) Foundational pieces of Kubernetes Networking
(06:21) Whats missing in Kubernetes Networking?
(07:47) What is Multi Tenancy?
(10:20) What are some of the common threat models?
(13:16) How are people responding to threats?
(14:41) Where to start learning about this?
(16:26) Best practices for Kubernetes Networking
(18:16) What becomes more important with maturity?
(21:14) Resources to learn more about Kubernetes Security
(22:30) The Fun Section
Cloud Security Podcast