Layered security model for production grade kubernetes clusters

Melbourne & Sydney

Security

Today, many organisations are greatly simplifying their code-to-customer journey by building internal technology platforms powered by Kubernetes. Folks are adopting modern DevOps practises like GitOps, IaC, CI / CD to deliver customer value often and at fast pace. But Kubernetes is not secure by default and more often than not the vanilla installation can drastically compromise the risk and security posture resulting is increased risk of exposure.

In this talk, we will look at a layered security model for kubernetes and touch on native must-have k8s objects and configuration, ebpf based open-source tooling and finally cover off the recent developments in supply chain security that can apply to kubernetes.

About Prateek

As the CTO at Innablr, Melbourne's leading cloud engineering and KCSP certified platform consultancy, I am responsible for charting the technology direction at Innablr and helping our clients in their technology transformation journey.
‍
I have had the opportunity to work with some of the large enterprises in Melbourne and help them transform by building cloud native, cloud first technology platforms that enable fast and secure delivery of applications.

I started my career as a developer and then gradually switched to the cloud engineering and DevOps. I am really passionate about the technologies in the Kubernetes ecosystem and also co-organise the Melbourne Kubernetes User Group.