Engineering Blog

Securing 900 K8s: Mercedes-Benz’s Journey to VAPs

This talk explores how Mercedes-Benz secures their massive Kubernetes environment (over 900 clusters!). While Pod Security Policies (PSPs) were previously used, they’ve been deprecated. The new Pod Security Standards (PSS) lack the flexibility needed for Mercedes-Benz’s complex setup.

Watch the video to learn:

  • Why traditional PSPs weren’t ideal for Mercedes-Benz’s needs
  • How they implemented Pod Security using Kyverno, OPA, and Validating Admission Policies (VAPs)
  • The benefits of a native VAP solution over open-source tools
  • Practical examples and lessons learned

This talk is ideal for anyone managing large Kubernetes deployments and seeking robust security solutions.

Explore Video

Securing 900 Kubernetes Clusters Without PSP – Mercedes-Benz’ Journey to ValidatingAdmissionPolicies

Reference- CNCF

Previous Post
Next Post