Woah! We have our Kubernetes cluster deployed and ready to manage or fleet of containers. And is awesome, we can scale them automatically! But, but... WTF?! What does it mean this message about ""File below a known binary directory opened for writing""? Which container opened a file under /bin to write in among the other 9813 containers in my cluster?
When you are operating a cluster with several pods and nodes, finding the pod which originates the alert may be difficult. We also need to react quickly to a security issue, the faster we react to the issue the better to avoid greater damage.
In this talk we are going to show how to implement Active Security step by step, using Open Source Software for implementing Serverless architecture in Kubernetes and Cloud Native tools.
We will do a little demo covering the following topics:

- Exploit an application and detecting security threats with Falco
- Learn a Pub/Sub implementation using NATS as transport layer
- Real time reactions deployed as FaaS with Kubeless
- Network Isolation with Kubernetes Network Policy and Calico

Comments

Comments are closed.

Karina Guzmán at 13:09 on 1 Oct 2018

Néstor fue muy interesante y además muy práctico todo lo que nos enseñaste, hubiese agradecido un poco más de tamaño para ver el código en la pantalla pero espero a las slides para revisarlo. :)