What We Discuss with Madhu Akula:
- What is Kubernetes for people who don’t know?
- What is Cloud native and it’s relevance to Kubernetes?
- Kubernetes deployed in productionIs Kubernetes insecure by Design? Why?
- Top 3 Security by design or default flaw in Kubernetes according to you that people don’t talk about?
- How important is a Docker file in the context of Kubernetes?
- What dock files can be used to secure kubernetes?
- Most sophisticated attack that you have seen in Kubernetes? And some simple attacks that people can check for as well?’
- What is the defense strategy when it comes to Kubernetes Security? What does automated defense look like in a Kubernetes world?
- What are security defaults to consider for Kubernetes managed by Cloud Service Providers?
- Does implement everything in CIS benchmark on the Kubernetes cluster make it secure?
- How do you start learning about Kubernetes?
- What is Kubernetes goat and its relevance to people learning Kubernetes?
- What are ways to control access to users at cluster level?
- Is there a lot of difference (from a security perspective) between different types of Kubernetes? (CSP vs self hosted Kubernetes)
- Why would someone go for a Cloud managed Kubernetes vs Self Hosted?
- Let’s take Dockerfiles as an example, any TTP that people can use to secure them?
- Is there Automated Defence possible in a Kubernetes Cluster at scale throughout the dev to prod?
- Someone listening who works for a startup or tech company and is looking at doing Kubernetes the right way, what should be some basic things they should consider doing in their kubernetes cluster?
- Applying Kubernetes security at scale – what does this mean and can you share an example of how this can be done – from dev to prod cycle?
- What do you see as a pattern when you see it as a big mistake when people are trying to implement Kubernetes?
- What are the common fires you hear people talk about when deploying Kuberenetes in their organisation or in your circle
- Kubernetes Goat – What is it and what kind of experience folks should be using it? Any programming background required?
- And much more…
THANKS, Madhu Akula!
If you enjoyed this session with Madhu Akula, let him know by clicking on the link below and sending her a quick shout out at Twitter:
And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at firstname.lastname@example.org.
Resources from This Episode:
- Tools & services, discussed during the Interview
- Kubernetes Security Documentation (Official)
- CNCF SIG – Security WhitePaper (pdf)
- Katacoda – Learn Kubernetes using browser based Labs
- Janakiran MSV YouTube Channel
- Kubernetes Goat by Madhu Akula (Open Source)
- Kubernetes CIS Benchmark
- Security Automation with Ansible – Book by Madhu Akula and Akash Mahajan