The Hacker’s Guide to Kubernetes - Patrycja Wegrzynowicz, Form3
Abstract
Do you want to see live Kubernetes hacking? Come to see interactive demos where your newly registered accounts in k8s application are hijacked. This talk guides you through various security risk of Kubernetes, focusing on OWASP Kubernetes Top 10 list. In live demos, you will find out how to exploit a range of vulnerabilities or misconfigurations in your k8s clusters, attacking containers, pods, network, or k8s components, leading to an ultimate compromise of user accounts in an exemplary web application. You will learn about common mistakes and vulnerabilities along with the best practices for hardening your Kubernetes systems.