Everand Logo

Welcome to Everand!

  • Discover this podcast and so much more

    Podcasts are free to enjoy without a subscription. We also offer ebooks, audiobooks, and so much more for just $11.99/month.

    Service Mesh & Zero Trust Kubernetes Security - William Morgan - ASW #192

    Service Mesh & Zero Trust Kubernetes Security - William Morgan - ASW #192

    FromApplication Security Weekly (Video)

    Start listeningView podcast show

    Service Mesh & Zero Trust Kubernetes Security - William Morgan - ASW #192

    FromApplication Security Weekly (Video)

    ratings:
    Length:
    36 minutes
    Released:
    Apr 11, 2022
    Format:
    Podcast episode

    Description

    The zero trust approach can be applied to almost every technology choice in the modern enterprise, and Kubernetes is no exception. For Kubernetes network security particularly, adopting a zero trust model involves some radical changes, including moving from a security perimeter defined by firewalls, IP addresses, and cluster boundaries to a granular approach that treats the network itself as adversarial and moves the security boundary down to the pod level. William will discuss why the zero trust approach is increasingly necessary for comprehensive Kubernetes security, the dos and don’ts when adopting Kubernetes, the implications for operators and security teams, and where tooling like service mesh plays a role.   Segment Resources: - https://github.com/linkerd - https://linkerd.io/ - https://buoyant.io/mtls-guide/ - https://buoyant.io/service-mesh-academy/   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw192
    Released:
    Apr 11, 2022
    Format:
    Podcast episode

    Titles in the series (100)

    Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application Security space - as well as enabling “Cyber Curious” developers to get involved in the Application Security process at their organizations. To a lesser extent, we hope to arm Security Managers and Executives with the knowledge to be conversational in the realm of DevOps - and to provide the right questions to ask their colleagues in development, along with the metrics to think critically about the answers they receive.