
A Treasure Map of Hacking (and Defending) Kubernetes

2022-05-20

Authors: Andrew Martin


Summary

The presentation discusses threat-driven defense for Kubernetes and provides a guide on how to attack and defend clusters from various vulnerabilities and attacks.
  • Threat modeling and understanding attackers' capabilities is crucial for effective defense
  • Attack trees can help visualize potential attack paths and identify necessary controls
  • Supply chain attacks are a significant threat to Kubernetes security
  • Remote code execution and misconfigured containers are common vulnerabilities to exploit
  • Advanced runtime hardening and workload identity are important for cluster security
The presenter mentions Captain Hashtag as an eight-bit adversary that represents the attackers we should be wary of. The presenter also provides a treasure map that shows how to manually pen test pods and break out of containers.

Abstract

In this ultimate guide to threat-driven defence, we threat model Kubernetes and detail how to attack and defend your precious clusters from nefarious adversaries. This broad and detailed appraisal of end-to-end cluster security teaches you how to defend against a range of historical and current CVEs, misconfigurations, and advanced attacks:
  • See the historical relevance of CVEs and demonstrations of attacks against your containers, pods, supply chain, network, storage, policy, and wider organisation
  • Understand when to use next-generation runtimes like gVisor, Firecracker, and Kata Containers
  • Delve into workload identity and advanced runtime hardening
  • Consider the trust boundaries in soft- and hard-multitenant systems to appraise and limit the effects of compromise
  • Learn to navigate the choppy waters of advanced Kubernetes security

Materials: