
New Video from @CloudSecurityPodcast: Expert Kaylin Edwards Discusses Container and Kubernetes Security
In this new video from the Cloud Security Podcast, guest Kaylin Edwards, an expert in container security and a long-time Kubernetes contributor, shares her knowledge and experience of container and Kubernetes workload security. Kaylin currently works at Auth0 by Okta and is co-chair of Kubernetes SIG Security.

Kaylin begins by emphasizing the importance of container security, especially now that so many new workloads run on containers and Kubernetes. She explains that containers are often considered the operating system of Kubernetes, which makes their security crucial. Kaylin also notes that many people equate vulnerability management with patch management, but she stresses that container security goes far beyond that, encompassing supply chain management, open-source libraries, and secrets.

Kaylin and her co-presenter Daniel conducted research that revealed thousands, if not millions, of exposed ports on the Internet, including unsecured Kubernetes APIs. They found that this situation is often due to a lack of knowledge and an underestimation of the potential impact of vulnerabilities. Kaylin insists that even small vulnerabilities can have serious consequences if left unaddressed.

To improve container security, Kaylin recommends open-source tools such as Trivy, TruffleHog, and OPA (Open Policy Agent). Trivy, for example, offers Kubernetes-specific features and a rich user interface for identifying vulnerabilities. TruffleHog is excellent for detecting exposed secrets, while OPA allows security policies to be defined and enforced. Kaylin also emphasizes the importance of minimal and immutable container images, such as those provided by AWS Bottlerocket or Chainguard, to reduce the attack surface and simplify patch management.

Kaylin also discusses integrating security into CI/CD pipelines. She recommends starting with a library of approved images and a private image registry to give developers a good starting point. It is then crucial to automate security scans on every change and to notify teams when a vulnerability is detected. Kaylin insists on collaborating with developers rather than imposing constraints on them: helping them understand security issues and supporting them in implementing best practices.

Finally, Kaylin shares some tips for security teams looking to improve their relationships with developers. She recommends working directly with developers, helping them understand security issues, and supporting them in implementing best practices. She also emphasizes the importance of management engagement to make security a priority within the organization.

To learn more about container security and the tools mentioned, watch the full video at the following address: https://www.youtube.com/watch?v=a-NYGTyJjnw
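As an added example (not code from the podcast or from this post), here is an OPA policy in Rego that enforces the approved-image rule Kaylin describes: a Pod is admitted only if every container image is pulled from the organisation's private registry. The registry hostname `registry.internal.example.com` is an assumed placeholder, and the policy goes slightly beyond the text by also checking init containers.

```rego
package kubernetes.admission

import rego.v1

# Assumed placeholder for the organisation's private registry; replace with your own.
approved_registries := {"registry.internal.example.com/"}

# Every container in the Pod, including init containers (missing key -> empty list).
pod_containers := array.concat(
    input.request.object.spec.containers,
    object.get(input.request.object.spec, "initContainers", [])
)

# Deny admission when any container image is not pulled from an approved registry.
deny contains msg if {
    input.request.kind.kind == "Pod"
    some container in pod_containers
    not approved(container.image)
    msg := sprintf("container %q: image %q is not from an approved registry", [container.name, container.image])
}

# An image reference is approved when it starts with one of the allowed registry prefixes.
approved(image) if {
    some registry in approved_registries
    startswith(image, registry)
}
```

Loaded into OPA as a validating admission policy (input is the Kubernetes AdmissionReview object), this is the enforcement half of the approved-images library; the vulnerability scan itself still runs in CI with Trivy on every change.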