Chapter 2. Security Observability in Cloud Native Environments

Kubernetes has become the de facto cloud operating system, and every day an increasing number of critical applications are containerized and shifted to a Cloud Native landscape. This means Kubernetes is quickly becoming a rich target for both passive and targeted attackers.

Kubernetes does not provide a default security configuration and provides no observability to discern if your workloads or cluster has been attacked or compromised. Kubernetes left this problem unsolved and it’s up to the cluster operator’s best knowledge to decide which hardening practices to implement, or which runtime security tools to use.

Understanding your security posture isn’t just about applying security configuration and hoping for the best. Hope isn’t a strategy, and just like the Site Reliability Engineer (SRE) principle of Service Level Objectives (SLOs) which “[identifies] an objective ...