Explore the intricacies of container security in this 52-minute conference talk presented by Anais Urlichs for the OWASP Foundation. Delve into the fundamentals of containerization, starting with the concept of turning processes into contained processes and understanding Docker as a command execution service. Gain insights into Kubernetes architecture and its role in container orchestration. Examine the layered structure of the container stack and learn about potential vulnerabilities, including container breakout CVEs. Investigate the Kubernetes control plane, networking complexities, and the role of cluster nodes as routers. Analyze specific security concerns such as CVE-2020-8554 and its impact on services. Discuss the future landscape of network attacks in containerized environments. Address user management challenges in Kubernetes and explore the intricacies of Role-Based Access Control (RBAC). Conclude with a comprehensive overview of container security best practices and emerging trends in the field. Read more