We could not end this series without a short conclusion.
Securing a Kubernetes cluster is not an easy task, but it is not more complicated than securing any cloud environment or even dedicated servers.
Vulnerabilities didn't appear with cloud computing, they were there long before, but we are now equipped with the right tools to detect them and protect our infrastructures the best we can. Believe it or not, but it is even more simple to protect a production environment now than it was before.
Knowing the flaws and risks is a huge first step into security, and by reading this series, you are already in the right direction. Applying some of the rules we talked about here should already make your environment safer than 50% of other production systems.
Is it good enough though? That is for you to decide. Remember that you have to start somewhere, and it is never too late for a matter as critical as security for businesses.
Maintaining a production environment is everyone's concern, and we hope that with this series, whatever your job description might be, you feel that you can do something to secure your software and applications.
Even if security is a critical topic, it does not mean that it needs to take a hundred percent of your time. Except if it is your core business, you have more value to add by working on it on the side, as a constant reminder. It is basically the same rule as for code test coverage. Looking for the highest score might not be the best way to go on a business perspective.
Care, but don’t overthink it.
Thank you for taking this journey with us on a secured Kubernetes ride.
Hope to see you soon on our #k8s slack community channel.
You will find here a security cheat sheet with the simple purpose of listing best practices and advice to protect your production environment when running it on a Kubernetes cluster.
We detailed some of the main security issues that are found in software, and it is no surprise that information leakage is one of the most frequent security flaws.
Along with user accesses, you also need to control what is being authorized by the services you did not create yourself, and that you depend on: third parties.
