With the rise of Kubernetes, the Java developer has arrived in the DevOps age as well.
By the multitude of complex tasks, the necessary security is often neglected. Even in managed clusters of well-known cloud providers, there are many traps and points of attack lurking.
In this presentation, essential security-critical components of a Kubernetes cluster will be presented. Security problems and corresponding measures to mitigate these will be shown. All steps are described using live demos with an exemplary Spring Boot Java application, that is deployed as a docker container in a Kubernetes cluster, taking into account recommended security patterns.