In summer 2018, the Gardener project team asked Kinvolk to execute several penetration tests in its role as a third-party contractor. We applied our Kubernetes expertise to identify vulnerabilities on Gardener installations and to make recommendations.
Some of our findings are now presented in this article on the Gardener website.
We presented some of our findings in a joint presentation with SAP entitled Hardening Multi-Cloud Kubernetes Clusters as a Service at KubeCon 2018 in Shanghai. The slides in PDF and the video recording are now available.
If you need help with penetration testing your installation, please contact us at [email protected].