We have talked a lot about the speed at which DevOps innovation has moved and how security has consistently struggled to catch up. Kubernetes is quickly putting this idea to shame and stretching security teams to their limit. In just five short years, Kubernetes has exploded in usage, but security wasn’t always at the front of everyone’s minds.
One of the most shocking recent Kubernetes developments was the discovery of the most severe Kubernetes vulnerabilities ever, CVE-2018-1002105, which we discuss further here. The silver lining here is that the vulnerability led to the realization that Kubernetes developers need better security practices. To be fair, security, as with DevOps, is a process of continuous improvement. In this blog, we will discuss best practices for securing Kubernetes.