As your organization embraces public cloud, security and compliance challenges can become top of mind. Do any of these cloud security challenges sound familiar? 1. Configuration changes occur without any security oversight. 2. Difficulty monitoring for suspicious activities to detect account compromises and insider threats. 3. Traditional network monitoring tools don't have context on cloud workloads. If you answered YES to any of the above, then join the Lacework team to discuss strategies further to solve for the above challenges effectively and ultimately gain unmatched visibility, ensure compliance, and enable actionable threat intelligence. You will leave this session better-prepared guide your team(s) towards an enterprise-grade security strategy for your public cloud environments.

1. KUBERNETES DASHBOARD
• Cluster management UI
• Web based
• Default service account needs RBAC
• Dashboards in the news

2. DISCOVERING DASHBOARDS DEMO

4. DASHBOARD FINDINGS
21K+
75% AWS
10% GCP +
Azure
Ports 80, 443,
8080

5. DASHBOARD RECOMMENDATIONS
• Disable (if possible)
• Ensure RBAC is enabled
• Avoid internet access, otherwise use
VPN, Bastion, etc

6. KUBERNETES API SERVER
• Fundamental component of Kubernetes
• REST API
• Handles authentication and authorization
• Secure & insecure port by default
• CVE-2018-1002105

7. DISCOVERING DASHBOARDS DEMO

8. API SERVER FINDINGS (INSECURE PORT)
800+

9. API SERVER RECOMMENDATIONS
• Restrict network access
• Disable insecure port
• Enable RBAC
• Look into advanced authentication options
• Upgrade