Kubernetes Cluster Security Audit Explained

Cloud Security Podcast -  we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fourth episode in this series Shane Lawrence and Daniele Santos from Shopify explained how kube-audit an open source tool from Shopify. They spoke about how they have used the audit tool to improve security with a developer security lens. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: ⁠⁠⁠⁠⁠www.cloudsecuritypodcast.tv⁠⁠⁠⁠⁠ FREE CLOUD BOOTCAMPs on ⁠⁠⁠⁠⁠www.cloudsecuritybootcamp.com⁠⁠⁠⁠⁠ Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠) Guest Socials: Shane Lawrence (Shane's Linkedin) and Daniele Santos (Dani's Linkedin) Podcast Twitter - ⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠@CloudSecureNews⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠Cloud Security News ⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠ Spotify TimeStamp for Interview Questions (00:00) Introduction (02:52) A bit about Shane (03:45) A bit about Dani (04:23) Which kubecons have Shane and Dani attended? (05:03) A bit about Dani and Shane's talk at Kubecon EU (06:42) Misconfigurations in Kubernetes (09:48) Dani talks about the Kubernetes Security Report (10:13) Use case for Kubernetes Misconfiguration (11:45) What is Azure Escape? (12:51) What is container escape? (15:26) What is kubeaudit? (15:49) Contributing to kubeaudit (16:40) The maturity of kubeaudit (19:04) How would kubeaudit help with an azure escape? (19:41) The developer experience (21:34) How shopify uses kubeaudit (24:59) Getting started with kubeaudit (25:53) Challenges with implementing kubeaudit (27:19) Maturity of kubernetes security and kubecon (30:02) Learning about kubernetes (34:07) Areas of security not being spoken about enough (36:16) Open Source and Software supply chain risks See you at the next episode!