Speaker: Dino Dai Zovi
This was a challenging session to take notes on, given the speed of the slides and the mountain of information, but suffice it to say: Docker and Kubernetes need security help and consistency!
Kubernetes (K8) is a young project, but very active. Many companies have full-time engineers working on the project.
The security mechanisms in K8 are all very new: only in alpha or beta, or less than 1 month old, so they seem like an add-on. For example, RBAC is enabled by default in K8 1.6, but many people turn it off to work with older versions.
But because most security features are new, many private distros that were forked earlier may be missing the security features entirely! And some will "dumb down" to successfully connect to older versions, so you may have the security feature, but it's not configured. Plenty of potential attacks distributed.
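One way to catch the "feature present but not configured" case above is to inspect the kube-apiserver command line for its `--authorization-mode` flag, which defaults to `AlwaysAllow` when omitted. This is an added example, not code from the talk or from the Kubernetes project; the function names and the sample command lines are constructed for illustration.

```python
import shlex

FLAG = "--authorization-mode"  # real kube-apiserver flag; value is a comma-separated authorizer list


def authorization_modes(cmdline):
    """Return the authorizers named on a kube-apiserver command line ([] if the flag is absent)."""
    args = shlex.split(cmdline)
    modes = []
    for i, arg in enumerate(args):
        if arg.startswith(FLAG + "="):          # --authorization-mode=Node,RBAC
            value = arg.split("=", 1)[1]
        elif arg == FLAG and i + 1 < len(args):  # --authorization-mode Node,RBAC
            value = args[i + 1]
        else:
            continue
        modes.extend(m.strip() for m in value.split(",") if m.strip())
    return modes


def audit(cmdline):
    """Return a list of findings; an empty list means RBAC is configured and AlwaysAllow is not."""
    modes = authorization_modes(cmdline)
    findings = []
    if not modes:
        findings.append("flag absent: apiserver falls back to AlwaysAllow")
    if "AlwaysAllow" in modes:
        findings.append("AlwaysAllow listed: every request is authorized")
    if modes and "RBAC" not in modes:
        findings.append("RBAC not listed: Role/RoleBinding objects are not enforced")
    return findings


# Constructed sample command lines (not taken from any real cluster).
SAMPLES = {
    "rbac-on": "kube-apiserver --etcd-servers=https://127.0.0.1:2379 --authorization-mode=Node,RBAC",
    "abac-only": "kube-apiserver --etcd-servers=https://127.0.0.1:2379 --authorization-mode ABAC",
    "no-flag": "kube-apiserver --etcd-servers=https://127.0.0.1:2379",
    "dumbed-down": "kube-apiserver --authorization-mode=AlwaysAllow",
}

if __name__ == "__main__":
    for name, cmdline in SAMPLES.items():
        result = audit(cmdline)
        print(name, "OK" if not result else result)
```

On a running control-plane node the input would come from the apiserver's process arguments or its static pod manifest rather than from the embedded samples.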