Red Hat OpenShift Security – Kubernetes Network Security
Red Hat OpenShift and Kubernetes provide the tools to deploy and manage containers at scale. But how can OpenShift security be integrated into the workflow? In this briefing, NeuVector CTO Gary Duan introduces the Docker container threat landscape and the OpenShift security requirements for the Build, Ship, and Run phases. Runtime visibility and Kubernetes security are especially difficult and require automation and built-in intelligence to scale. He shows how NeuVector inspects and visualizes network connections and protects OpenShift-managed containers during runtime. NeuVector uses behavioral intelligence to discover the container application stack and network connections, and builds a whitelist-based security policy to protect containers as they scale up or down.
Gary also demonstrates how NeuVector captures network connections for applications deployed with OpenShift and provides multiple security layers for protecting and auditing an OpenShift environment. A demo of the Dirty COW Linux exploit on a container shows how the NeuVector OpenShift security container can detect violations and privilege escalations in a Kubernetes container environment.