Welcome to the Elephant in AppSec, the podcast to explore, challenge, and boldly face the AppSec Elephants in the room. Today, we’re joined by Raunaq Arora, Lead Application Security Engineer at Chipotle. Raunaq’s journey into security was almost accidental, starting as a developer who quickly developed a knack for breaking and building secure applications. Now, his expertise lies in securing Kubernetes environments at scale and aligning security strategies with business priorities. Last year, he took the RSA Conference stage to share how his team built a secure Kubernetes environment by integrating CIS controls into SDLC pipelines—turning security into the perfect burrito recipe. In this episode, we tackle the ever-growing adoption of Kubernetes and ask the hard questions: Are we racing to deploy this shiny technology while ignoring its massive security risks? Are organizations blindly treating Kubernetes like a “silver bullet,” leaving their infrastructure vulnerable? Raunaq doesn’t hold back as we explore the tools and practices needed to cut through the hype and address the real challenges of Kubernetes security. Dive right in!
Useful repos: https://ramitsurana.github.io/awesome-kubernetes/