Hacking Kubernetes
Threat-Driven Analysis and Defense
Book Description
Want to run your Kubernetes workloads safely and securely? This practical book provides a threat-based guide to Kubernetes security. Each chapter examines a particular component's architecture and potential default settings and then reviews existing high-profile attacks and historical Common Vulnerabilities and Exposures (CVEs). Authors Andrew Martin and Michael Hausenblas share best-practice configuration to help you harden clusters from possible angles of attack.This book begins with a vanilla Kubernetes installation with built-in defaults. You'll examine an abstract threat model of a distributed system running arbitrary workloads, and then progress to a detailed assessment of each component of a secure Kubernetes system.
Understand where your Kubernetes system is vulnerable with threat modelling techniques; Focus on pods, from configurations to attacks and defenses; Secure your cluster and workload traffic; Define and enforce policy with RBAC, OPA, and Kyverno; Dive deep into sandboxing and isolation techniques; Learn how to detect and mitigate supply chain attacks; Explore filesystems, volumes, and sensitive information at rest; Discover what can go wrong when running multitenant workloads in a cluster; Learn what you can do if someone breaks in despite you having controls in place.
Book Details | |
| Publisher: | O'Reilly Media |
| By: | Andrew Martin, Michael Hausenblas |
| ISBN-13: | 9781492081739 |
| ISBN-10: | 1492081736 |
| Year: | 2021 |
| Pages: | 314 |
| Language: | English |
Book Preview | |
| Online | Hacking Kubernetes |
Paper Book | |
| Buy: | Hacking Kubernetes |
Share Hacking Kubernetes
Related Books
