Addressing the Top 10 Kubernetes Risks

23 February, 2023

60 min

Addressing the Top 10 Kubernetes Risks

Given the growth and adoption of Kubernetes, a number of projects have been published in the OWASP community to help practitioners assess and secure the security of their containerized infrastructure including the recently released Top Ten for Kubernetes. This OSS project is a community-curated list of the most common Kubernetes risks backed by data collected from organizations varying in maturity and complexity. This session will discuss the project in detail, examples for each of the risks in the list, and how you can get involved.

📚 What will you learn?

✅ Understand how to interpret the OWASP Top Ten for Kubernetes

✅ Dive into the most pressing risks presenting security and development teams using Kubernetes

✅ Explore OSS tools and frameworks to address Kubernetes security risks

✅ Learn how to contribute to the Top Ten project and other OWASP container security projects

About Speaker

Jimmy Mesta

Jimmy Mesta is the Co-Founder and CTO at KSOC (Kubernetes Security Operations Center). Prior to founding KSOC, Jimmy held senior leadership positions at a number of enterprises including Signal Sciences (acquired by Fastly) where he led a team of researchers and engineers. He has over a decade of experience building large-scale cloud security programs, delivering technical security training, publishing research, and securing some of the largest containerized environments in the world. Jimmy is a well-versed public speaker and has presented at global conferences including KubeCon, LocoMocoSec, RSA, NDC, CactusCon, and AppSec USA.