CISO Trainings , Cloud Security , Security Operations

Craig Box of ARMO on Kubernetes and Complexity

Have CISOs Spent Enough Time Learning About Kubernetes to Use It Effectively?
Craig Box of ARMO on Kubernetes and Complexity
Craig Box, vice president of open source and community, ARMO

The open-source container orchestration system Kubernetes was introduced by Google in 2014 to automate software deployment, scaling and management.

Kubernetes was designed for the "academic, single-user, internal environment at Google," says Craig Box, vice president of open source and community at ARMO. Now, he says, it's a "wildly successfully open-source project" with multi-tenancy capabilities that are extremely useful but can be "way too complicated."

A lot of companies are "looking at Kubernetes to do hybrid cloud environment, running across multiple vendors," Box says. "Kubernetes makes it easy to do things that were more complicated before or took more steps," but users have to consider "how these moving parts work together" and "codify these best practices in tooling."

"With so many different pieces," Box says, a CISO should "probably spend three or four months … understanding what you want to do" with Kubernetes before deploying it.

In this episode of "Cybersecurity Unplugged," Box also discusses:

  • The role Kubernetes played in the 2018 Tesla cryptojacking attack;
  • How service mesh and sidecars can be used to do microsegmentation;
  • The possibility of using Kubernetes to power 5G systems and the storage issues particular to Kubernetes.

Box is responsible for ARMO's open-source Kubernetes security platform called Kubescape and for managing all relationships with the developer and open-source community. He was formerly the Kubernetes and advocacy lead at Google Cloud and was the founder of the "Kubernetes Podcast From Google."

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.