Why Kubernetes Pod Security Standards Still Leak
DevOps Daily with Fexingo: CI/CD, Kubernetes, and Modern Software Operations · 2026-06-12 · 8 min
Episode notes
Lucas and Luna revisit pod security standards in Kubernetes, digging into a specific case where a restricted PSP still allowed privilege escalation through a misconfigured seccomp profile. They walk through a real-world example from a fintech startup that ran a compliance audit and discovered their 'secure' pods were running with default-deny seccomp disabled. The conversation covers why PSPs and PSS profiles are not a silver bullet, how admission controllers can be bypassed, and what operators should actually check in their cluster logs. No fluff, just the concrete gap between policy intent and runtime reality. #Kubernetes #PodSecurity #Seccomp #ContainerSecurity #DevOps #Technology #CloudNative #SecurityAudit #PSP #PSS #AdmissionController #RuntimeSecurity #Fintech #Compliance #FexingoBusiness #BusinessPodcast #Podcast #DevOpsDaily Keep every episode free: buymeacoffee.com/fexingo