Kubernetes network policies 101: Shifting network security left
Containers and Kubernetes pose a unique set of network security challenges. Container-to-container (or pod-to-pod) communication was allowed by design to keep things simple. However, if a container is breached, the ability for a malicious actor to move laterally within the environment is directly related to how broadly that container can communicate with other containers. By default this includes each and every container across the cluster, including sensitive control plane containers. Kubernetes introduced network policies to provide the much needed control, but operationalizing this mechanism is not a trivial task. Not only is the technology itself hard, it is also unclear who in the organization owns this, and how it should fit with existing GitOps processes. Tune in where we discuss how to address the challenges of securing network communication using automation to establish an effective GitOps process.
Relatori
Boaz Michaely | Principal Product Manager, Technical, Advanced Cluster Security, Red Hat
Boaz Michaely is a diversified product management professional with more than 20 years of experience in security, application development and infrastructure solutions. At Red Hat, Boaz focuses on the Red Hat Advanced Cluster Security product, based on the open source Stackrox.io project. Prior to joining Red Hat, Boaz held senior product management roles at CyberArk, Trilio and Dell EMC.
Marc Curry | Consulting Product Manager, Technical, Advanced Cluster Security, Red Hat
Marc Curry is a Consulting Product Manager on the hybrid platform team with a focus on Red Hat OpenShift Container Platform networking and performance for application platforms. Prior to his current role, Marc was a solution architect specializing in open source solutions for the telecommunications industry, and has had various technical roles within Red Hat going back 20 years, building upon his scientific and high-performance computing background.
Michael Foster | Principal Product Manager, Technical, Advanced Cluster Security, Red Hat
Michael Foster is a Principal Product Manager at Red Hat, focusing on Red Hat Advanced Cluster Security for Kubernetes (formerly StackRox). Michael is a passionate technology enthusiast and open source advocate contributing to the Cloud Native Computing Foundation (CNCF) ecosystem through various media forms. Michael helps people become more security-focused during their cloud-native journey through his work with the open source StackRox community at stackrox.io.