Скачать или смотреть Securing Kubernetes Clusters: From Access Control to System Hardening

Kubernetes clusters are increasingly targeted by attackers due to misconfigurations and insufficient hardening. In this talk, we will address these challenges by diving into advanced security practices, including RBAC auditing, Network Policy testing, runtime security monitoring, and Linux-level hardening. You’ll learn how to enforce least privilege with RBAC, block unauthorized traffic using Network Policies, and detect anomalies in real-time with tools like Falco.

Additionally, the session will cover how to reduce attack surfaces by implementing seccomp profiles, Linux Security Modules (AppArmor/SELinux), dropped capabilities, and sandboxing technologies (gVisor, Kata Containers). Attendees will leave with practical illustrations and actionable strategies to secure their Kubernetes environments effectively.

About the speakers:
Rafik Harabi has more than 15 years of tech and internet industry experience. Currently, he is a Senior Solution Architect devoted to helping customers secure their cloud native platforms and applications. Before joining Sysdig, he was responsible for executing go-to cloud programmes in highly regulated environments such as government and financial services. Rafik enjoys sharing his knowledge and experience through many conferences (SRECon, DevOpsCon, Cloud Native Security Con….).

Mohamed Rafraf is a Kubernetes Platform Engineer specializing in cloud native infrastructure, Kubernetes controller, and automation