Containers and Kubernetes are everywhere. We can see the use of Kubernetes in production increased exponentially. Still, most of the security teams struggle to understand these modern technologies.
In this training, we will see both sides (offensive & defensive) of the coin by learning tactics, techniques, and procedures (TTPs). We will start with understanding architecture and its attack surface. Then we will dive into each layer of security starting from the supply chain, infrastructure, runtime, and many others.
From an attacker’s perspective participants are able to assess and attack Kubernetes Cluster environments to gain access to microservices, sensitive data, escaping containers, escalating to clusters privileges, and even its underlying cloud environments. Also, we will be using the offensive knowledge to build and design secure cluster environments using secure defaults, RBAC, NSP, PSP(deprecating so we may see using OPA), and many other built-in and open-source components.