A Treasure Map of Hacking and Defending Kubernetes
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Embark on a comprehensive journey through Kubernetes security with this 38-minute conference talk by Andrew Martin from ControlPlane. Explore threat modeling techniques for Kubernetes clusters and learn how to both attack and defend them against various adversaries. Gain insights into historical and current CVEs, misconfigurations, and advanced attack methods. Discover how to protect containers, pods, supply chains, networks, storage, policies, and organizational assets. Evaluate the use of next-generation runtimes like gVisor, firecracker, and Kata Containers. Delve into workload identity concepts and advanced runtime hardening techniques. Analyze trust boundaries in multi-tenant systems to assess and mitigate compromise risks. Navigate the complexities of advanced Kubernetes security to enhance your cluster's defenses against potential threats.
Syllabus
A Treasure Map of Hacking (and Defending) Kubernetes - Andrew Martin, ControlPlane
Taught by
CNCF [Cloud Native Computing Foundation]