Kubesploit – Telegram
News and links on Kubernetes security curated by the @Learnk8s team
Website: https://kubesploit.io/
In this article, you will learn how to detect anomalies in your cluster using Kubernetes audit logs and anomaly detection engineering.
Read more https://research.nccgroup.com/2021/11/10/detection-engineering-for-kubernetes-clusters
In this tutorial, we present three tools to validate and secure your Kubernetes deployments:
1. Kubeval
2. Kubeconform
3. Kube-score
Read more https://semaphoreci.com/blog/kubernetes-deployments
Container security best practices: a comprehensive guide.
Read more https://sysdig.com/blog/container-security-best-practices
ElastAlert 2 is a standalone software tool for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch and OpenSearch.

ElastAlert 2 is backwards compatible with the original ElastAlert rules.
Read more https://github.com/jertel/elastalert2
How do you restrict network traffic between namespaces in a Kubernetes cluster? In this guide, you'll learn how to prevent traffic between namespaces using Linkerd's traffic policies.
Read more https://buoyant.io/2021/12/14/locking-down-network-traffic-between-kubernetes-namespaces
NCC Group has found many attack paths through different security assessments that could have led to a compromised CI/CD pipeline in enterprises large and small.
In this post they will share 10 real-world stories.
Read more https://research.nccgroup.com/2022/01/13/10-real-world-stories-of-how-weve-compromised-ci-cd-pipelines
Netshoot is a Docker + Kubernetes network troubleshooting Swiss-army container.
Read more https://github.com/nicolaka/netshoot
In this article, you will learn how to enable IAM users and roles access on Amazon EKS.

Read more https://medium.com/@radha.sable25/enabling-iam-users-roles-access-on-amazon-eks-cluster-f69b485c674f
After reading this article, you will learn:

- How not to run pods as root.
- How to use immutable root fs (lock the root filesystem).
- How to do Docker image scan locally and with your CI pipelines.
- How to use PSP.

Read more https://blog.gitguardian.com/kubernetes-tutorial-part-1-pods
This article discusses two open-source tools for auditing cluster security: kube-bench and kube-hunter.

Read more https://blog.flant.com/kubernetes-security-with-kube-bench-and-kube-hunter
Learn how to use eBPF and the Security Profiles Operator to automatically generate seccomp profiles, a Linux kernel security feature for Kubernetes.

Read more https://developers.redhat.com/articles/2021/12/16/secure-your-kubernetes-deployments-ebpf#what_is_the_security_profiles_operator_
Learn how to run Regula on a Kubernetes manifest to detect an insecure pod, and then learn how to secure it.

Read more https://fugue.co/blog/securing-a-kubernetes-pod-with-regula-and-open-policy-agent
Forwarded from LearnKube news
A typical web application responds to requests from bots, health checks, and various attempts to circumvent security and gain unauthorized access.

Examples include:

- SQL injections.
- XSS attacks.

So, how can you filter out those malicious attempts in Kubernetes?

You have at least 2 solid options:

1. You can filter the traffic before it reaches the container.
2. You can filter the traffic at the Ingress.

Chris Nesbitt-Smith will dive into the details this coming Monday at 8am PT / 4pm CET in a live webinar.

After the session, you will have access to the code, a step-by-step tutorial and interactive labs to test the configuration (provided by NGINX).

You can register here (it's free): https://www.nginx.com/c/microservices-march-2022-kubernetes-networking-agenda/
A high-severity CVE was released that affects the Linux kernel, allowing unprivileged users to escalate their rights to root and escape from the container.
Learn how you can protect your cluster with a seccomp filter.

Read more https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes
In this post, you will learn how to incorporate the Kong Ingress Controller, Keycloak and Kubernetes to have an initial OIDC flow to front our external services (API or web endpoints).

Read more https://dev.to/robincher/securing-your-site-via-oidc-powered-by-kong-and-keycloak-2ccc
ArgoCD-Vault-plugin is an Argo CD plugin to retrieve secrets from various Secret Management tools (HashiCorp Vault, IBM Cloud Secrets Manager, AWS Secrets Manager, etc.) and inject them into Kubernetes resources.

Read more https://github.com/argoproj-labs/argocd-vault-plugin
In this post, you will explore the different methods of integrating HashiCorp Vault with Kubernetes and learn how to choose the best solution for your use case.

Read more https://www.hashicorp.com/blog/kubernetes-vault-integration-via-sidecar-agent-injector-vs-csi-provider
In this two-part article, you will explore Kubernetes RBAC with a few hands-on demo labs.

Read more https://medium.com/@badawekoo/using-rbac-in-kubernetes-for-authorization-complete-demo-part-1-83f0a1fb8f