Minimalism : Key to Cloud Security

# Minimalism : Key to Cloud Security Containers and Orchestrators are being rapidly adopted worldwide due to the advantages they provide. But so has risen the cyber attacks on the same. With the rise in recent vulnerabilities like log4j and pwnkit there's an ever more demanding need to enforce security in containers. Even with Static Analysers in place which scan for known vulnerabilities, a new vulnerability can pop up anytime or you can be compromised at runtime which may end up in losses. We should try to reduce the attack surface as much as possible to reduce these unknown unknowns. This talk will be about how can one choose to be a minimalist about their workloads right from choosing the right node images to reducing dependencies in our containers and finally restricting access at runtime. We will explore about Container Optimised Operating Systems, RBAC, Docker Slim, Network Policies, Kubernetes Security Context and tooling around Mandatory Access Control and how they can help you out on your path to become minimalist with your workloads. # Script Hello Everyone, I am Barun Acharya. Today I will be talking about How Minimalism is key to achieving cloud security. Containers and Orchestrators are being rapidly adopted worldwide due to the advantages they provide. But so has risen the cyber attacks on the same. With the rise in recent vulnerabilities like log4j and pwnkit there's an ever more demanding need to enforce security in containers. Even with Static Analysers in place which scan for known vulnerabilities, a new vulnerability can pop up anytime or you can be compromised at runtime which may end up in losses. We should try to reduce the attack surface as much as possible to reduce these unknown unknowns. This talk will be about how can one choose to be a minimalist about their workloads right from choosing the right node images to reducing dependencies in our containers and finally restricting access at runtime. This is how modern container orchestrated applications look like. We have application running across Nodes, orchestrated by Kubernetes.