Zero Trust Architecture in Kubernetes

by Kim Crawley
November 2022
Intermediate to advanced
50 pages
1h 2m
English
O'Reilly Media, Inc.
Content preview from Zero Trust Architecture in Kubernetes

Chapter 3. Observable State

It’s impossible to secure what cannot be seen. Anyone who has ever worked in a security operations center (SOC) can tell you that their everyday work entails using lots of log analysis software that alerts SOC analysts to any anomaly that appears. Effective defensive security requires logging as many devices and applications in the network as possible, keeping an eye on those logs, and staying informed about performance metrics. If an event isn’t logged, it will be missed by security monitoring software and the human professionals using it. Zero trust architecture (ZTA) is something a secure Kubernetes deployment must have, but it doesn’t come with Kubernetes software out of the box. Establishing an observable state means that all the events and metrics within your application are visible to security controls and the human beings who manage them.

Sounds simple, doesn’t it? Especially since intrusion detection systems and intrusion prevention systems (IDSs and IPSs), endpoint detection and response (EDR) systems, firewalls, and security information and event management (SIEM) systems can be configured to automate most of the log analysis and anomaly detection processes in enterprise networks. A typical enterprise network logs hundreds or thousands of events every minute, so automating as much as possible is an absolute necessity.

Cloud-driven application networks are integral to most enterprises these days. But it’s important to recognize that those innovative ...


Publisher Resources

ISBN: 9781098138646