Speaker: Dino Dai Zovi
This was a challenging session to take notes on, given the speed of the slides and the mountain of information, but suffice it to say - Docker and Kubernetes need security help and consistency!
Kubernetes (K8) is a young project, but very active. Many companies have full time engineers working on the project
The security mechanisms in K8 are all very new - only in alpha or beta, or less than 1 month old - seems like an add on. For example, RBAC is enabled by default in K8 1.6, but many people turn it off to work with older versions.
But, because most security features are new, there are many private distros forked earlier that may be missing the security features entirely! And some will "dumb down" to successfully connect to older versions - so you may have the security feature, but it's not configured. Plenty of potential attacks distributed.
When The Cake Spills The Tea - It's "Tell The Truth" Day, minions, so remember: Sometimes you have to speak your truth: [image: Bernice+Tay-FB-aint+got+time.jpg] Other times you have...