Helm security – a look below deck

CNCF Member Online program
Presented by: Snyk

Recorded: Tuesday February 25, 2020

Download Slides

Program Speakers: Matt Farina, Helm Maintainer @Samsung SDS, Hayley Denbraver, Developer Advocate @Snyk, and Raghavan Srinivas, Lead Container Developer Advocate @Snyk

Helm and Kubernetes have been built with security in mind and are adapting to community requests–dropping tiller in Helm v3 onwards, for example. In this webinar, we will look at some of the security aspects specific to Helm that you can leverage in Helm v3. You’ll also learn about how you can detect and fix base container image vulnerabilities along with using Kubernetes security features inside of charts. To close, we will take a look at known vulnerabilities in Helm charts, summarize the findings from a recent Helm security report and what you as devops professionals can do to mitigate risk and harden Kubernetes clusters

Webinar outline:
* A quick introduction to Helm
* Verifying Helm installations
* Signing and verifying Helm charts
* Detecting and fixing vulnerabilities in container images
* Kubernetes security in your charts
* Summary of findings from the Helm charts security report