Explore a comprehensive conference talk from DEF CON 32 that delves into the critical aspects of Kubernetes security monitoring and attack simulation. Learn how Security Operations Centers (SOC) can adapt their monitoring strategies from traditional server and network environments to modern container orchestration platforms. Discover essential Tactics, Techniques, and Procedures (TTPs) for Kubernetes, understand relevant attack signatures, and identify crucial logs for effective security monitoring. Gain insights into strategies for continuous Kubernetes threat emulation and understand why prevention alone isn't sufficient in managing enterprise risks. Through the lens of purple team exercises and real-world enterprise experience, master the proactive approach to securing Kubernetes clusters. Walk away with practical knowledge for planning and executing attack detection exercises in containerized environments, making this essential viewing for both defensive and offensive security practitioners working with Kubernetes infrastructure.
Kubernetes Attack Simulation - The Definitive Guide to Security Monitoring and Detection
Overview
Syllabus
DEF CON 32 - Kubernetes Attack Simulation The Definitive Guide - Leo Tsaousis
Taught by
DEFCONConference
Related Courses
-
Attacking and Defending Kubernetes Clusters with KubeHound Attack Graph Model
-
Purple Teaming: Attack Simulation and Control Validation with Atomic Red
-
KubeHound - Identifying Attack Paths in Kubernetes Clusters at Scale
-
Bypassing Falco - Cluster Compromise Without Tripping the SOC
-
Hacking Kubernetes: Live Demo Marathon
-
Kubernetes Risk Assessment - Going One Level Deeper
