Strengthening Kubernetes Trust - SIG Auth's Latest Security Enhancements
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the latest security enhancements from Kubernetes SIG Auth in this 32-minute conference talk from CNCF's KubeCon + CloudNativeCon. Learn about critical improvements to Kubernetes' authentication and authorization foundations, including secure image pulls using ephemeral ServiceAccount tokens that reduce dependency on long-lived secrets and node-scoped credentials. Discover the new mechanism for provisioning X.509 certificates directly to pods via the kubelet, enabling robust mTLS authentication and secure service-to-service communication. Understand how kubelet serving certificate validation is being hardened to prevent node impersonation attacks, particularly in dynamic and on-premises environments. Examine Dynamic Resource Allocation (DRA) support for privileged admin access to devices in use, facilitating secure diagnostics while maintaining strong isolation. Review current and future authorization improvements, including enhanced policy controls for image pull operations, and gain insights into how these comprehensive security efforts are strengthening the overall trust model across Kubernetes deployments.
Syllabus
Strengthening Kubernetes Trust: SIG Auth's Latest Se... Anish R, Mo K, Stanislav L, Rita Z & Peter E
Taught by
CNCF [Cloud Native Computing Foundation]