Building Defenses Like You Mean It presented at Shakacon 2018

by Elissa Shevinsky

Summary: Whether it’s an unsecured Kubernetes configuration or the Meltdown/Spectre exploits, there’s always a way into your company’s seemingly secure containers. But for companies managing high-value assets, it’s worth the effort to go the extra mile to prevent hackers from accessing that data. Taking examples from industries with strong security needs – like banking, health care, cryptocurrency and the military – we’ll do a deep dive into best practices for container security. We’ll do a quick tour of low-hanging fruit, like protecting all Kubernetes with passwords, and optimizing the configuration options rather than relying on defaults. (These seem basic, but it’s a common problem – even Tesla was compromised in 2018 for failing to password protect a Kubernetes console.) For this talk, we’re going beyond “Minimum Viable Security” and aiming for that gold star. We’ll learn about the security techniques to secure Docker and Kubernetes when protecting user data is a clear top priority, even if it takes extra time and resources. These techniques include VPNs and VPC Peering, LetsEncrypt, database replication, container scanning tools, and other tools to isolate your most sensitive data.