Kubernetes on Hard-Mode: Security in Hostile Multi-tenancy Clusters

Presented at Kawaiicon 2 (2022) Rescheduled, July 1, 2022, 2:45 p.m. (30 minutes).

K8s multi-tenancy is a commonly used architecture in companies yet true "hard multi-tenancy" in Kubernetes is a problem that is yet to be solved. This talk will look at the state of K8s multi-tenancy use-cases and the challenge to make things as secure as possible against many, many factors that make this difficult.

Presenters:

• Ron Amosa
  I'm Samoan (might as well get that out of the way early) but born here in NZ and I've been a computer geek for a while now observing InfoSec from a distance (first kiwicon was #9) so I'm fluent in English, Samoan and Geek. My background is Linux SysAd turned DevOps Engineer then SRE. I've just recently moved into Security in the last year. I also play drums (professionally at times), practice & compete in BJJ, like riding motorcycles and am working on getting a lot of tattoos.

Links:

• https://kawaiicon.org/talks/k8/

Similar Presentations:

• ToorCon San Diego 20 (2018) / Hacking and Hardening Kubernetes
• DerbyCon 9.0 Finish Line (2019) / Prepare to Be Boarded! A Tale of Kubernetes, Plunder, and Cryptobooty
• ToorCon San Diego TwentyOne (2019) / Down the sinkhole with Kubernetes