# Security in Kubernetes and Cloud Native Apps

Nicholas Dille, Haufe.Group
Docker Captain
Microsoft MVP
@nicholasdille
@nicholasdille@freiburg.social
## Agenda

| From  | To    | What         |
|-------|-------|--------------|
| 09:00 |       | Let's roll   |
| 09:50 | 10:00 | Coffee Break |
| 10:50 | 11:00 | Coffee Break |
| 11:50 | 12:00 | Coffee Break |
| 12:30 |       | Q&A          |
|       | 13:00 | The End      |

---

## Topics

- RBAC
- Pod Security Policies
- Pod Security Standard
- Network Policies

---

## Topics

- ~~RBAC~~
- RBAC impersonation
- ~~Pod Security Policies~~
- Pod Security Standard
- ~~Network Policies~~
- Runtimes
- Software Bill of Materials (SBoM)
- Kyverno

## Summary

- Kubernetes comes with many features to improve security
- RBAC impersonation protects from mistakes
- Pod Security Policies are deprecated and removed
- They are replaced by Pod Security Standards
- OCI runtimes can isolate privileged containers
- Supply chain security is a hot topic
- SBoMs describe all libraries contained in an artifact
- Kyverno is a Kubernetes-native policy engine

### Other content

Video course [Container-Orchestrierung mit Kubernetes leicht gemacht](https://shop.heise-academy.de/kubernetes-container-orchestrierung-leicht-gemacht)