Speaker: Dino Dai Zovi
This was a challenging session to take notes on, given the speed of the slides and the mountain of information, but suffice it to say - Docker and Kubernetes need security help and consistency!
Kubernetes (K8) is a young project, but very active. Many companies have full time engineers working on the project
The security mechanisms in K8 are all very new - only in alpha or beta, or less than 1 month old - seems like an add on. For example, RBAC is enabled by default in K8 1.6, but many people turn it off to work with older versions.
But, because most security features are new, there are many private distros forked earlier that may be missing the security features entirely! And some will "dumb down" to successfully connect to older versions - so you may have the security feature, but it's not configured. Plenty of potential attacks distributed.
Sunday Sweets: Filibuster Edition - A friend once told me, "I love all your posts, but I have to admit, on Sundays you could really write anything. I'm just there for the gorgeous cakes." ...