• Title: Hacking Kubernetes: Threat-Driven Analysis and Defense
• Author(s) Andrew Martin (Author), Michael Hausenblas (Author)
• Publisher: O'Reilly Media; 1st edition (November 2, 2021); eBook (Compliments of ControlPlane, Chapter 1-4)
• Permission: Free First FOUR Chapters of the Book is Complimented by ControlPlane
• Paperback: 314 pages
• eBook: PDF (Chapter 1-4)
• Language: English
• ISBN-10: 1492081736
• ISBN-13: 978-1492081739
• Share This:  

Book Description

Want to run your Kubernetes workloads safely and securely? This practical book provides a threat-based guide to Kubernetes security. Each chapter examines a particular component's architecture and potential default settings and then reviews existing high-profile attacks and historical Common Vulnerabilities and Exposures (CVEs). Authors Andrew Martin and Michael Hausenblas share best-practice configuration to help you harden clusters from possible angles of attack.

This book begins with a vanilla Kubernetes installation with built-in defaults. You'll examine an abstract threat model of a distributed system running arbitrary workloads, and then progress to a detailed assessment of each component of a secure Kubernetes system.

• Andrew Martin is CEO of ControlPlane.
• Michael Hausenblas is Product Developer Advocate Amazon Web Service.

• Amazon

• Hacking and Hackers
• Software Containers & Virtualization
• Cloud Computing, Serverless, and Distributed Systems, etc.
• Software Engineering Principles and Practices
• Books by O'Reilly®

• Hacking Kubernetes: Threat-Driven Analysis and Defense (Andrew Martin, et al)
• The Mirror Site (1) - PDF

• Kubernetes Security and Observability: Securing Containers

  Kubernetes is not secure by default. This book will take you through the full breadth of new cloud-native approaches for establishing security and observability for applications running on Kubernetes.

• Security as Code: DevSecOps Patterns with AWS (BK Das, et al.)

  It demonstrates how to use this methodology to secure any application and infrastructure you want to deploy. You'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.

• Building Secure and Reliable Systems: Best Practices

  Security is crucial to the design and operation of scalable systems in production. Experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.

• Learn Ethical Hacking from Scratch (Zaid Sabih)

  You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices.

• Kubernetes: Up and Running: Dive into the Future of Infrastructure

  This practical book shows developers and ops personnel how Kubernetes and container technology can help you achieve new levels of velocity, agility, reliability, and efficiency. It explains how this system fits into the lifecycle of a distributed application.

• Kubernetes Patterns: Designing Cloud-Native Applications

  This book provides common reusable elements, patterns, principles, and practices for designing and implementing cloud-native applications on Kubernetes. It is based on use cases and lessons learned from real-world projects.

• Kubernetes for Full-Stack Developers (Jamon Camisso, et al)

  This book helps newcomers and experienced users alike learn about Kubernetes, introduces core Kubernetes concepts and to build on them to a level where running an application on a production cluster is a familiar, repeatable, and automated process.

• Cloud Native DevOps with Kubernetes (Justin Domingus, et al.)

  This book guides you through the growing Kubernetes ecosystem and provides practical solutions to everyday problems with software tools currently in use. It shows you what Kubernetes can do - and what you can do with it.

• Kubernetes Operators: Automating the Container Orchestration

  This book explains what an Operator is and how Operators extend the Kubernetes API. It shows how to deploy and use existing Operators, and how to create and distribute Operators for your applications using the Operator Framework.

• Kubernetes: Scheduling the Future at Cloud Scale (David Rensin)

  This book introduces you to Kubernetes, a cluster management system from Google that's capable of scheduling and launching roughly 7,000 containers a second. It explains piece-by-piece how this system works.

• Kubernetes Succinctly (Rahul Rai, et al)

  This book is your guide to learning Kubernetes and leveraging its many capabilities for developing, validating, and maintaining your applications. It explains how Kubernetes fits into the lifecycle of a distributed application.

• DevOps for Digital Leaders

  This book provides digital leaders who are accountable for the rapid development of high-quality software applications a concise guide to designing, implementing, measuring, and improving DevOps programs that are tailored to their organizations.

• Docker Succinctly (Elton Stoneman)

  It teaches you the skills and knowledge you need to create, deploy, and manage applications hosted in Docker containers. You will learn the basics of building Docker images, sharing them on the Docker Hub, orchestrating containers to deliver large apps.