Kubernetes naturally introduces new variables into the digital landscape, creating potential vulnerabilities and highlighting the need for security.

So what are the nuances of building a Kubernetes-based environment that is actually secure? Deepfence Inc. has been creating a unique solution.

“Kubernetes grows, it scales, it’s elastic, and the perimeter around a Kubernetes application is very, very porous — there are lots of entry points,” said Owen Garrett (pictured), head of products and community at Deepfence. “All of the security problems in Kubernetes with cloud-native applications, they’re amplified by scale — the size of the application, the number of nodes and the complexity of the application.”

Garrett spoke with theCUBE industry analyst Paul Gillin and guest analyst Keith Townsend in a conversation at last year’s KubeCon + CloudNativeCon Europe event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed security issues around containers and Kubernetes and how Deepface has tackled this issue. (* Disclosure below.)

Using Deepfence sensors to track security threats

Security for Kubernetes applications is different than securing traditional monolithic legacy enterprise applications, according to Garrett.

“Securing a monolith is akin to securing a castle. You build a wall around it, you put guards on the gate, you control who comes in and out, and the job is more or less done,” he described. “Securing a cloud-native application — it’s like securing a city. People are roaming through the city without checks and balances. There are lots of services in the city that you’ve got to check and monitor.”

Many enterprises are having a hard time making this transition from thinking about applications as single components to microservices with multiple components, according to Garrett. This is why Deepfence has created innovative services like ThreatMapper, which provides security insights through sensors.

“We install … little lightweight sensors on each host that’s running your application,” Garrett explained. “Those sensors install little taps into the network using eBPF, and they monitor the workloads. It’s a little bit like having CCTV cameras throughout your city tracking what’s happening.”

Deepfence also looks at the entire network and gathers network signals, according to Garrett.

“We can see someone using a reconnaissance tool, roaming through your application, sending probe traffic to try and find weak points,” he stated. “We put those together, and we build a picture of the threats against each of the workloads in your cloud-native application.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the KubeCon + CloudNativeCon Europe event:

(* Disclosure: TheCUBE is a paid media partner for the KubeCon + CloudNativeCon Europe event. Red Hat Inc., the main sponsor for theCUBE’s event coverage, the Cloud Native Computing Foundation, or other sponsors do not have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE