Name: Tutorial: Attacking and Defending Kubernetes Clusters: A Guided Tour - Brad Geesaman, Brad Geesaman Consulting; Jimmy Mesta, KSOC, Inc.; Tabitha Sable, Independent; & Peter Benjamin, Teradata (Limited Available Seating; First-Come, First-Served Basis)
Start: 2019-11-21T16:25:00-0800
End: 2019-11-21T17:55:00-0800

San Diego, California
November 18–21, 2019
Click here for more information and registration

View Main Conference Venue and Sponsor Showcase Maps

Back To Schedule

Tutorial: Attacking and Defending Kubernetes Clusters: A Guided Tour - Brad Geesaman, Brad Geesaman Consulting; Jimmy Mesta, KSOC, Inc.; Tabitha Sable, Independent; & Peter Benjamin, Teradata (Limited Available Seating; First-Come, First-Served Basis)

Feedback form is now closed.

Please bring your laptop fully charged as we will have limited charging stations available in the room.

Is your Kubernetes cluster able to resist the most common attacks? And, are all the necessary detection mechanisms in place to know if a security issue did occur?

In this hands-on workshop, the instructors will dive into the art and science of Kubernetes security through a series of interactive attack and defense scenarios. Attendees will learn through instructor-led exercises how to identify and exploit realistic misconfigurations in Kubernetes clusters to achieve full cluster compromise. Each attack step will be matched with hardening measures and specific methods for detection and response workflows.

Each workshop attendee will be provided with a pre-configured Kubernetes cluster running realistic workloads in a cloud-based lab environment. The tools and methodologies covered by these exercises will directly help attendees secure their own organization's clusters.

Speakers

Peter Benjamin

Principal Security Engineer

Peter Benjamin is a Software Engineer with a background in Security and a co-organizer for the San Diego Kubernetes and Go meet-ups. He has a passion for enabling engineers to build secure and scalable applications, services, and platforms on modern distributed systems.

Brad Geesaman

Director of Cloud Security, Aqua Security

Brad Geesaman is the Director of Cloud Security at Aqua Security and focuses on building solutions with a security practitioner's mindset. When he’s not hacking on cloud-native and containerized environments, he enjoys spending time with his family in Virginia, eating Mexican food... Read More →

Jimmy Mesta

Founder, KSOC, Inc.

Jimmy is a security leader that has been working in AppSec and Infrastructure Security for over 10 years. He founded and led the OWASP Santa Barbara chapter and co-organized the AppSec California security conference. Jimmy has taught at private corporate events and security conferences... Read More →

Tabitha Sable

Staff Engineer, Datadog

Tabitha Sable never met a system she didn't want to take apart. She serves the Kubernetes community as co-chair of SIG Security and a member of the Security Response Committee. At work, Tabitha leads Runtime Infrastructure Security at Datadog. She writes exploits, hardens infrastructure... Read More →

KubeCon NA 2019 Tutorial and CTF Attacking and Defending Kubernetes Clusters A Guided Tour pdf

Thursday November 21, 2019 4:25pm - 5:55pm PST
Room 30ABCDE - San Diego Convention Center Upper Level

Tutorials, Security + Identity + Policy

Experience Level Intermediate (Mid-level experience)
Session Slides Included Yes

KubeCon + CloudNativeCon North America 2019

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Peter Benjamin

Brad Geesaman

Jimmy Mesta

Tabitha Sable