On-Demand Webinar

Say Goodbye to PSPs?! Migrate your PSP Rules to OPA with No Hassle

Pod Security Policies (PSPs) are cluster-wide resources that control security-sensitive aspects of pod specification. They define a set of conditions that a pod must run with in order to be accepted into the system.

Due to its limitations, the Kubernetes Auth Special Interest Group (AKA sig-auth) announced PSPs would be deprecated in Kubernetes 1.21. This decision could leave many Kubernetes users at risk of being exposed to various exploits. Adversaries may utilize the lack of such policy to run privileged pods, create pods on host namespaces or networks, and much more. One of the best alternatives for Kubernetes users to mitigate PSP deprecation is through the built-in admission controller utilizing Open Policy Agent (OPA) rules.

Join us as we:

Discuss the main limitation in PSP to explain how OPA is a better overall solution
Show how the Kube-policy-advisor tool works and how it’s possible to generate an OPA Rule from a live environment
Enforce the rule using Kubernetes Admission Controller
See how OPA works, with the new rule in place, when we try to deploy a non-compliant pod

Speakers:

Stefano Chierici, Security Researcher, Sysdig

‍

Select Your Webinars

Apr 21 - Say Goodbye to PSPs?! Migrate your PSP Rules to OPA with No Hassle

August 24 - 5 Easy Ways to Secure Images & Prioritize Risk from Source to Run On AWSSep 06 - How Does Your Kubernetes Environment Stack Up?Sep 13 - How to Improve Security for Cloud-Native App Platforms in 3 Easy Steps for AzureSep 15 - Becoming a Cloud Security Ninja: Sharpen your Cloud Threat Detection Sword with Machine LearningSep 20 - 5 Best Practices to Prevent, Detect, and Respond to Threats Lurking Within Your Azure Cloud Workloads

First Name

Last Name

Business Email

Company Name

Phone Number

Job Title

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.