Who Protects What? Shared Security in GKE (Cloud Next '19)


When you use a hosted cloud service, security is shared between the cloud provider and the user — the more “managed” the offering, the less the user is responsible for. On Google Kubernetes Engine, Google manages the control plane, whereas the user manages the nodes. From a security point of view, what does this mean? Who is responsible for managing security updates and responding to incidents?

In this session, we’ll cover the shared responsibility model at Google and how it applies to Google Kubernetes Engine. For the components that are managed and protected by Google, we’ll lift the covers on what Google does to secure your clusters, day in, day out. For the components you’re responsible for, we’ll cover hardening that’s already in place on GKE and best practices for you to follow to further harden your workloads. We’ll finish with tools you can use to supplement your security posture on GKE.

Shared Security in GKE → http://bit.ly/2TZdgEY
Hardening Your Cluster’s Security → https://bit.ly/2TZglow

Watch more:
Next ’19 Security Sessions here → https://bit.ly/Next19Security
Next ’19 All Sessions playlist → https://bit.ly/Next19AllSessions

Speaker(s): Jesse Endahl, Maya Kaczorowski

Session ID: SEC110
Products: Kubernetes Engine, Containers, Cloud Security Command Center, APIs


Duration: 41:43
Publisher: Google Cloud