Cloud native technology has made its way into critical infrastructure. The way transmission grids, energy stock exchanges and, in the future, government applications are controlled is getting closer and closer to how the big providers run applications in their public clouds.
However, security requirements expressed in regulations and standards demand air-gapped environments. The talk describes the architecture of applications designed for this kind of environment, and how they are developed, updated and secured.
The author discusses regulations, especially those of the German BSI, CIS and NIST: what is there, what is missing, and what must be adapted from international standards. These kinds of use cases assume a certain maturity of K8S; we check what has improved in the last year and what is still missing.
The talk contains more than traces of DevSecOps, GitOps and code signing. ~Hacking~ Training examples are available at https://github.com/thomasfricke/training-kubernetes-security