Overview
Explore a comprehensive conference talk from DEF CON 32 that delves into the critical aspects of Kubernetes security monitoring and attack simulation. Learn how Security Operations Centers (SOCs) can adapt their monitoring strategies from traditional server and network environments to modern container orchestration platforms. Discover essential Tactics, Techniques, and Procedures (TTPs) for Kubernetes, understand relevant attack signatures, and identify crucial logs for effective security monitoring. Gain insights into strategies for continuous Kubernetes threat emulation and understand why prevention alone isn't sufficient in managing enterprise risks. Through the lens of purple team exercises and real-world enterprise experience, master the proactive approach to securing Kubernetes clusters. Walk away with practical knowledge for planning and executing attack detection exercises in containerized environments, making this essential viewing for both defensive and offensive security practitioners working with Kubernetes infrastructure.
Syllabus
DEF CON 32 - Kubernetes Attack Simulation The Definitive Guide - Leo Tsaousis
Taught by
DEFCONConference