Don’t trust Rufus, he’s a mole – introducing KIEMPossible

OVERVIEW

Kubernetes has become central to modern cloud-native applications. Its complex architecture and dynamic nature introduce new security issues regularly, and while significant strides have been made in addressing security challenges, the task of managing entities and their access rights remains daunting.

This talk will explore authorization auditing, examining the challenges of identifying cluster entities and comparing the access rights they hold with the privileges they need to perform their intended tasks. We will discuss the importance of audit logs in understanding access patterns and the complexities associated with such log analysis.

We will introduce KIEMPossible, an open-source tool designed to help achieve least privilege status. KIEMPossible analyzes entities’ permissions and usage through audit logs, providing insights for informed decision-making. This aims to simplify Kubernetes Infrastructure Entitlement Management (KIEM), allowing organizations to mitigate risks associated with excessive privileges.

Presented By

GOLAN MYERS

Security Researcher, Palo Alto Networks