Cybersecurity INSIGHTS
Kubernetes and Complexity
Craig Box is the vice president of open source and community at ARMO. He is responsible for ARMO’s open source Kubernetes security platform called Kubescape and for managing all relationships with the developer and open source community. Box was formerly the Kubernetes and advocacy lead at Google Cloud and joined Google in 2014, just as Kubernetes was about to be released and has acted as a vital link between Google’s Kubernetes development team and the wider community of developers who use the software. Most recently, he was deeply involved in Istio, the leading open source service mesh, acting as Istio steering committee member and driving Istio toward its recent acceptance as a CNCF incubation project. Box is also the founder of the popular Kubernetes podcast from Google, the largest and most popular podcast about Kubernetes and a major source for relevant news and updates in the industry.
In relation to the capacity that current CISOs deal with, have we spent enough time learning about Kubernetes? To this, Box says:
I think it’s way too complicated. And we should throw away all the digitalization that we’ve been dependent on paper. Kubernetes has this challenge. And it’s a word with two meanings. And the easiest analogy I can give to you is it’s a bit like Linux, Linux is a kernel. And there are a million different ways you can compile and tune the Linux kernel. But, in general, over the course of the past 20 years, we’ve moved away from having to care too much about that, we have a vendor who gives us a Linux distribution, and that made a bunch of choices for us.
In this episode of Cybersecurity Unplugged, Box also discusses:
- Service mesh as a potential solution D and how that might work in an optimal world;
- The different ways that Kubernetes and 5G overlap;
- The safe boundary between generic Kubernetes.
