Kubernetes-native Security with Starboard

Daniel Pacak, Liz Rice at KubeCon + CloudNativeCon North America 2020

Starboard is an open source project that gathers security information from various different tools into Kubernetes CRDs, so users can manage & access security reports through familiar Kubernetes interfaces, like kubectl or Octant. This talk uses plenty of demos to describe the motivations behind Starboard, and design challenges such as: - how reports can relate to different resources, from pods through to entire clusters - showing security information for running workloads - extensibility and plugins Learn how to use Starboard generate to actionable security information that's visible to the people who need it. See how to extend Starboard to integrate your favourite security tool, if it isn't already covered today. This “Advanced” talk won’t hold back from showing you the code! It assumes basic familiarity with security tools like vulnerability scanning, YAML checks & CIS benchmarks.