Abstract

Containers and Kubernetes have become cornerstones of modern software development. The workshop dives into common attack vectors and practical mitigations to secure containerized applications in Kubernetes clusters.

Based on the desired format, it is possible to just follow along or get your own hands dirty by executing selected attacks.

Target Audience

Software Engineers, System Administrators, DevOps; Basic experience with containers and Kubernetes.

Details

The most important attack vectors as well as effective mitigations based on common best practices are introduced in detail, such as:

• Base images and hardening
• Permission management
• Security scanning
• Secret management
• Configuration management
• Pod security policy, security context and pod security admission
• Traffic encryption and network separation
• Authentication and RBAC
• Admission controllers
• Artifact integrity validation
• ...

Selected attacks and mitigations will demonstrated and can be tested by attendees on their own devices.