If somebody wishes to compromise a Kubernetes cluster she either needs direct access to the API-Server or via a code execution vulnerability to gain foothold in the pods.

While there are many different ways in which the API-server can be protected however, there aren't much pre-defined methods to ensure protection/mitigation against a code execution vulnerability from being further exploited.

Hence throught this hands-on workshop I shall try to explain how to integrate security in the build process of docker images and when the container is being deployed on kubernetes clusters such that it reduces the attack potential to penetrate deeper into the cluster.

The techniques discussed are simple,doesn't meddle with the working of the application and most importantly can be templatized to scale with Kubernetes.