Introduction

We will learn how to secure you containerized application using different tools and techniques.

Kubernetes is an open source tool that can be extremely useful when orchestrating your containerized application running across a cluster of machines. But while kubernetes automates many of the tedious tasks required to deploy containerized apps, one critical thing that it doesn’t manage in most respects is security. Kubernetes is not a container security tool, and it would be a big mistake to assume that Kubernetes can defend your containerized app from cyber attacks.

During this lab, we will learn how to secure you containerized application using different tools and techniques.

While some of the tools you will be seeing below are specific to IBM Cloud, similar tools are also available on other cloud providers. The links to these and different open source tools will be provided. The purpose of this lab is to learn the concepts while showing a demo on IBM Cloud.

Prerequisites

• Sign up for IBM Cloud Account and create a cluster

• Install CLI tools and get access to the cluster from command line

• Clone github repository

Once you have the prerequisites set up, you can follow along with any of the labs below.

Secure your container image using Vulnerability AdvisorProtect sensitive information using KMSSecure service to service communication using IstioSetup runtime security for the cluster using Sysdig FalcoConclusion