24. Container and Kubernetes Security
Containers and Kubernetes introduce new security challenges. This mind map covers securing the complete container lifecycle from image build to runtime in production.
Topics Covered
- Docker: image layers, rootless containers
- Container image scanning: Trivy, Grype
- Kubernetes RBAC and least privilege
- Pod Security Standards
- Network policies and microsegmentation
- Secrets management: Vault
- Runtime security: Falco, Sysdig
- CI/CD supply chain security
- CIS Kubernetes Benchmark