Auditing and Security Monitoring

We will learn about auditing and secure monitoring in Kubernetes.

We'll cover the following

Secure configuration
Container and Pod lifecycle events
Application logs
Actions performed by users
Managing log data
Migrating existing apps to Kubernetes

No system is 100% secure, and you should plan for the eventuality that your systems will be breached. When breaches happen, it is vital that you do at least two things:

Recognize that a breach has occurred.
Build a detailed timeline of events that cannot be repudiated.

Auditing is key to both of these requirements, and the ability to build a reliable timeline helps answer the following post-event questions: What happened? How did it happen? When did it happen? Who did it? In extreme circumstances, information like this can even be called upon in court.

Good auditing and monitoring solutions also help to identify vulnerabilities in your security systems.

With these points in mind, you should ensure that reliable auditing and monitoring is high on your list of priorities, and you should not go live in production without them.

Get hands-on with 1200+ tech skills courses.

Kubernetes Primer

Kubernetes Principles of Operation

Installing Kubernetes

Working With Pods: Theory

Working With Pods: Hands-On

Kubernetes Deployments

Kubernetes Services: Theory

Kubernetes Services: Hands-On

Service Discovery

Kubernetes Storage

ConfigMaps

StatefulSets

Threat Modeling Kubernetes

Real-World Kubernetes Security

Conclusion

APPENDIX A: Other Important Stuff

Auditing and Security Monitoring