A security journey to open source

By Kaizhe Huang - SEPTEMBER 2, 2020


Learn Kubernetes Security
After more than 10 years researching security issues, I wrote a book about it! I have been working in the security industry for more than 10 years. Before I joined Sysdig, I worked at several companies, focusing on database security, data security to Docker, and Kubernetes security. While I have enjoyed all of my positions, Sysdig is where I was able to join the open source community. Through my research, talks at conferences, and experiences helping developers navigate their container and Kubernetes environments, I realized that there is so much value in sharing.

Learning from the open source community

I feel privileged to be involved with the open source community. People are passionate about security and contribute all kinds of ideas to improve the security landscape of the container world. And there are a handful of open source projects to help secure cloud-native environments that I find extremely powerful: image scanning tools like Clair, Anchor, and Trivy; Open Policy Agent (OPA), Falco, Prometheus, and Sysdig, to name a few. While my research and position at Sysdig gives me a platform to share my learning, I attribute much of what I know to the community. My book, Learn Kubernetes Security, which I co-wrote with Pranjal Jumde, is a place where I have organized my learning for a broader audience. Only with the help of rich resources in the open source community have we been able to achieve this.

Learn Kubernetes Security

In Learn Kubernetes Security, you will find hands-on examples on how to use open source tools such as Anchore, Prometheus, OPA, Falco, and Sysdig to protect your Kubernetes deployments. I feel extremely lucky that I have been able to learn so much about Kubernetes security, and since it is an emerging industry, people are continuing to learn from each other. After reading the book, we hope that people take away the following:
  • An understanding of the basics of Kubernetes architecture and networking
  • Gain insights into different security integrations provided by the Kubernetes platform
  • An understanding of Kubernetes’ threat modeling and security domains
  • Have a better understanding of different security configurations from a variety of practical examples
  • Get to grips with using and deploying open source tools to protect your deployments
  • Discover techniques to mitigate or prevent known Kubernetes hacks
I am grateful for the opportunity to learn and grow at Sysdig, as well as within the open source community. I do know that there is still a long way to go in the journey of open source, but together we’ll help the cloud-native ecosystem be better and more secure. Learn Kubernetes Security is on sale now through Amazon and PacktPub, and a preview can be viewed on Google Books. If you want to read some of Kaizhe’s past security research, check out some of his previous blog posts:

Subscribe and get the latest updates