Securing Drupal on Kubernetes
nicksanta
Running Drupal on Kubernetes presents plenty of challenges and security is no exception! This session will explore a number of strategies to lift the security posture of your Drupal apps running on kubernetes, including:
- Web Application Firewalls
- Mutual TLS and end-to-end encryption
- Encrypted storage
- Secret management
- Encryption as a service
Learning Objectives
If you attend this session, you should be able to:
- Implement effective secret management in Drupal with Kubernetes tooling
- Implement native TLS connections for Drupal databases and cache backends
- Evaluate service meshes for suitability in your particular environment and use case
- Protect applications from the edge of your stack with web application firewalls
Target Audience
This session is aimed towards kubernetes operators, and drupal developers deploying to a kubernetes cluster. There are also many parts of the session which will apply more generally to AWS and other cloud services.
Despite this, anyone with an interest in web application security will gain something from this session.
Prerequisites
Attendees will benefit by having familiarity with Kubernetes concepts - however it is not necessary to be running production clusters or be an expert.
Track
DevOps & Infrastructure
Experience Level
Advanced
If no timezone is set on your profile, time is displayed in UTC.
Update your profile's timezone
