Home Security Learn Kubernetes Security

Learn Kubernetes Security

4.5 (2 reviews total)
By Kaizhe Huang , Pranjal Jumde
    What do you get with a Packt Subscription?

  • Instant access to this title and 7,500+ eBooks & Videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
Access now Or Sign In
  1. Section 1: Introduction to Kubernetes

About this book

Kubernetes is an open source orchestration platform for managing containerized applications. Despite widespread adoption of the technology, DevOps engineers might be unaware of the pitfalls of containerized environments. With this comprehensive book, you'll learn how to use the different security integrations available on the Kubernetes platform to safeguard your deployments in a variety of scenarios.

Learn Kubernetes Security starts by taking you through the Kubernetes architecture and the networking model. You'll then learn about the Kubernetes threat model and get to grips with securing clusters. Throughout the book, you'll cover various security aspects such as authentication, authorization, image scanning, and resource monitoring. As you advance, you'll learn about securing cluster components (the kube-apiserver, CoreDNS, and kubelet) and pods (hardening image, security context, and PodSecurityPolicy). With the help of hands-on examples, you'll also learn how to use open source tools such as Anchore, Prometheus, OPA, and Falco to protect your deployments.

By the end of this Kubernetes book, you'll have gained a solid understanding of container security and be able to protect your clusters from cyberattacks and mitigate cybersecurity threats.

Publication date:
July 2020
Publisher
Packt
Pages
330
ISBN
9781839216503
  Download code from GitHub
 

Section 1: Introduction to Kubernetes

In this section, you will grasp the fundamental concepts of Kubernetes' architecture, network models, threat models, and the core security principles that should be applied to a Kubernetes cluster.

The following chapters are included in this section:

Read more

About the Authors

  • Kaizhe Huang

    Kaizhe Huang is a security researcher at Sysdig, where he researches how to defend Kubernetes and containers from attacks ranging from web attacks to kernel attacks. Kaizhe is one of the maintainers of Falco, an incubation-level CNCF project, and the original author of multiple open source projects, such as kube-psp-advisor. Before joining Sysdig, as an employee at Stackrox, Kaizhe helped build a detection data pipeline, conducted security research, and innovated detection based on machine learning. Previously, as a senior security engineer at Oracle, he helped build security products: Database Vault, Database Privilege Analyzer, and Database Assessment Tool. Kaizhe holds an MS degree in information security from Carnegie Mellon University.

    Browse publications by this author
  • Pranjal Jumde

    Pranjal Jumde is a senior security engineer at Brave Inc. In the security industry, he has worked on different aspects of security, such as browser security, OS/kernel security, DevSecOps, web application security, reverse engineering malware, security automation, and the development of security/privacy features. Before joining Brave, as an employee at Stackrox, Pranjal helped in the development of detection and enforcement features for the runtime detection platform. He has also worked at Apple and Adobe, where he worked on the development of features to harden various platforms. Pranjal holds an MS degree in information security from Carnegie Mellon University. He has also presented his research at different conferences, such as ACM CCS and BSides SF/Delhi.

    Browse publications by this author

Latest Reviews

(2 reviews total)
This is an excellent book on explaining security related concepts on Kubernetes. Its explanations are on target and easy to understand. The only thing I would add are more practical examples to make it a perfect book on K8s security.
4
31 December 2021 David
Nagy jól összeszedett, szerkesztett, lényegre törő kiadvány. Nagyon jól tudom a szerzett ismereteket használni a mindennapi munkámban.
5
05 August 2020 Robert Rozsa

Recommended For You

AWS Penetration Testing
AWS Penetration Testing

Get to grips with security assessment, vulnerability exploitation, workload security, and encryption with this guide to ethical hacking and learn to secure your AWS environment

By Jonathan Helmus
Dec 2020 330 pages
Mastering Azure Security
Mastering Azure Security

Leverage Azure security services to architect robust cloud solutions in Microsoft Azure

By Mustafa Toroman and 1 more
May 2020 262 pages
Mastering Docker - Fourth Edition
Mastering Docker - Fourth Edition

Unlock the full potential of the Docker containerization platform with this practical guide

By Russ McKendrick
Oct 2020 568 pages
Machine Learning for Algorithmic Trading - Second Edition
Machine Learning for Algorithmic Trading - Second Edition

Leverage machine learning to design and back-test automated trading strategies for real-world markets using pandas, TA-Lib, scikit-learn, LightGBM, SpaCy, Gensim, TensorFlow 2, Zipline, backtrader, Alphalens, and pyfolio.

By Stefan Jansen
Jul 2020 820 pages
Learn Kubernetes Security
Unlock this book and the full library FREE for 7 days
Start now