Security and Snyk, with Kamil Potrec
Kubernetes Podcast from Google - A podcast by Abdel Sghiouar, Kaslin Fields - Tuesdays
Categories:
Kamil Potrec is a Senior Security Engineer at Snyk, working on security around Kubernetes and cloud platforms. He joins the show to discuss how to think about securing your infrastructure, the different arts (and colors) of offensive and defensive security, and what not to lose sleep over. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 23, with Andrew Philips and Lars Wander A pile of mail and a bike News of the week Red Hat OpenShift 4.7 is GA Fairwinds Insights 3.0 Envoy zero-day patched Istio security bulletin Sysdig contributes Falco modules to the CNCF StorageOS raises $10m in Series B Platform9 raises $12.5m in Series D CNCF relaunches Kubernetes Community Day with KCD Africa and Bengaluru Links from the interview Offensive unit in American Football Hand-egg Red and blue teams Unreal Tournament Capture the flag Kubernetes secrets Design document Encrypting secrets at the application layer Antivirus software Tracer-tee SolarWinds attack Reflections on Trusting Trust by Ken Thompson left-pad deleted from NPM Snyk Open Source The open source parts Snyk vulnerability database MITRE CVE database Kubernetes security at Snyk Deploy only trusted containers to GKE Application threat modeling Kubernetes security best practices, including security context, AppArmor, gVisor etc CVE-2020-8554: man-in-the-middle attack using ExternalIP services CVE-2020-14386: packet socket vulnerability with user namespaces enabled Earlier related work: CVE-2017-7308 and CVE-2016-8655 Project Zero writeup Rewrite it in Rust! Kamil Potrec on LinkedIn