📄️ Overview
Well this document is basically my own experience as a Security Engineer and the approach to securing Kubernetes, containers and the applications running inside it. Working at DeepSource, I was always asked to introduce a security process right before application are pushed to staging/dev or production. After spending some time working as a security engineer now I understand why it is important to have a security process in place. When you think, it may seem like it is obvious but the why and how is what you will read here. I'll take the opportunity to also add little bit about security engineering in general. Afterall I have spent enough time and it is always good to showoff if you think you know better than others :).
📄️ The Three Stages
This is Work In Progress [Ignore below Image you see]
📄️ Security of the Host
Even before we talk about the Pods, Images running within those pods or observability. Let's talk about securing the