Magno Logan works as an Information Security Specialist for Trend Micro Cloud and Container Security Research Team. He specializes in Cloud, Container and Application Security Research, Threat Modelling, Red Teaming, DevSecOps, and Kubernetes Security, among other topics. He has been tapped as a resource speaker for numerous security conferences around the globe including Canada, USA, Portugal and Brazil. He is also the founder of JampaSec and a member of the CNCF SIG-Security team.
Information Security Specialist and Senior Threat ResearcherWhat is your company/affiliation(s)? –
Trend MicroWebsite (full URL) – Twitter account (full URL) – LinkedIn profile (full URL) – GitHub account (full URL) –
Q&A and discussion for the cloud security block, hosted and moderated by Max Habra. Questions will be gathered from the audience during the three prior talks.
This workshop aims to give an overview about how Kubernetes works and provide some best practices to secure your cluster whenever you are deploying a new cluster on your own or via managed services such as GKE, EKS or AKS. We are going to cover everything from the Control Plane or the Master Node, starting with the API server, including etcd, RBAC and network policies. Then, we’ll cover the worker nodes, kubelet, audit logs and pods best practices. We'll talk about the CIS Benchmarks for Kubernetes and the default configurations you need to worry about when deploying a new cluster. We'll show how to use RBAC and assign roles and permissions to your cluster users. We'll demonstrate how to enable audit logs for better visibility and later we'll set up some network policies to avoid communication between pods and prevent any lateral movement from attackers.