Resilient Cyber
Resilient Cyber
S3E13: Jimmy Mesta - Kubernetes Security & Compliance

S3E13: Jimmy Mesta - Kubernetes Security & Compliance

Chris: For those not familiar with Kubernetes, can you tell us what it is and why there is so much buzz around it?

Chris: Kubernetes, while it has many benefits also is a very complex technology, what are some of the key things organizations should keep in mind when using Kubernetes securely?

Nikki: What kind of role do you see RBAC playing with Kubernetes? I don't hear a lot of talk around this subject and I'm curious what you think may be the importance of RBAC around Kubernetes

Chris: Any nuances or recommendations to those rolling their own versus using managed Kubernetes offerings?

Nikki: What does governance look like around Kubernetes - specifically around large, multi-cluster environments

Chris: From a compliance perspective, what are some resources organizations can use to securely provision and operate Kubernetes from a compliance perspective?

Nikki: Can we also chat about Kubernetes API logs when it comes to auditing and assessments?

Chris: You lead the Kubernetes Top 10 project with OWASP, can you tell us a bit about that?

Nikki: Where do you think kubernetes, clusters, etc are heading? What does the future look like for security teams to not only understand these new technology areas, but to understand how to secure them properly?

Chris: Do you feel like security practitioners are keeping pace with the rate of innovative technologies like Kubernetes, and if now, how can we fix that?

Chris: We know you are the CTO and Co-Founder of KSOC - tell us a bit about the firm and what you all specialize in and what led you to founding it?