K8s security - Episode 7: KAPSLOCKED

We could not end this series without a short conclusion.

Securing a Kubernetes cluster is not an easy task, but it is not more complicated than securing any cloud environment or even dedicated servers.

Vulnerabilities didn't appear with cloud computing, they were there long before, but we are now equipped with the right tools to detect them and protect our infrastructures the best we can. Believe it or not, but it is even more simple to protect a production environment now than it was before.

Knowing the flaws and risks is a huge first step into security, and by reading this series, you are already in the right direction. Applying some of the rules we talked about here should already make your environment safer than 50% of other production systems.

Is it good enough though? That is for you to decide. Remember that you have to start somewhere, and it is never too late for a matter as critical as security for businesses.

Engage your team to protect your customer

Maintaining a production environment is everyone's concern, and we hope that with this series, whatever your job description might be, you feel that you can do something to secure your software and applications.

Even if security is a critical topic, it does not mean that it needs to take a hundred percent of your time. Except if it is your core business, you have more value to add by working on it on the side, as a constant reminder. It is basically the same rule as for code test coverage. Looking for the highest score might not be the best way to go on a business perspective.

Care, but don’t overthink it.

Official Kubernetes documentation

• Certificates
• Admission Controllers
• Service Account
• Network Policies

Take care and stay safe!

Thank you for taking this journey with us on a secured Kubernetes ride.

Hope to see you soon on our #k8s slack community channel.