Name: Tutorial: Attacking and Defending Kubernetes Clusters: A Guided Tour - Brad Geesaman, Brad Geesaman Consulting; Jimmy Mesta, KSOC, Inc.; Tabitha Sable, Independent; & Peter Benjamin, Teradata (Limited Available Seating; First-Come, First-Served Basis)
Start: 2019-11-21T16:25:00-0800
End: 2019-11-21T17:55:00-0800

San Diego, California
November 18–21, 2019
Click here for more information and registration

View Main Conference Venue and Sponsor Showcase Maps

Back To Schedule

Tutorial: Attacking and Defending Kubernetes Clusters: A Guided Tour - Brad Geesaman, Brad Geesaman Consulting; Jimmy Mesta, KSOC, Inc.; Tabitha Sable, Independent; & Peter Benjamin, Teradata (Limited Available Seating; First-Come, First-Served Basis)

Feedback form is now closed.

Please bring your laptop fully charged as we will have limited charging stations available in the room.

Is your Kubernetes cluster able to resist the most common attacks? And, are all the necessary detection mechanisms in place to know if a security issue did occur?

In this hands-on workshop, the instructors will dive into the art and science of Kubernetes security through a series of interactive attack and defense scenarios. Attendees will learn through instructor-led exercises how to identify and exploit realistic misconfigurations in Kubernetes clusters to achieve full cluster compromise. Each attack step will be matched with hardening measures and specific methods for detection and response workflows.

Each workshop attendee will be provided with a pre-configured Kubernetes cluster running realistic workloads in a cloud-based lab environment. The tools and methodologies covered by these exercises will directly help attendees secure their own organization's clusters.

Speakers

Peter Benjamin

Principal Security Engineer

Peter Benjamin is a Software Engineer with a background in Security and a co-organizer for the San Diego Kubernetes and Go meet-ups. He has a passion for enabling engineers to build secure and scalable applications, services, and platforms on modern distributed systems.

Brad Geesaman

Staff Security Engineer, Ghost Security

Brad Geesaman is a Staff Security Engineer at Ghost Security and focuses on researching and building cloud-native systems with a security practitioner's mindset. When he’s not hacking on containerized environments, he enjoys spending time with his family in Virginia, eating Mexican... Read More →

Jimmy Mesta

Co-Founder, KSOC

Jimmy Mesta is the Co-Founder and CTO at KSOC. He is a veteran security engineering leader focusing on building cloud-native security products. Prior to KSOC, Jimmy held senior leadership positions at a number of enterprises including Signal Sciences (acquired by Fastly) where he... Read More →

Tabitha Sable

Staff Engineer, Datadog

Tabitha Sable never met a system she didn't want to take apart. She serves the Kubernetes community as co-chair of SIG Security and a member of the Security Response Committee. At work, Tabitha leads Runtime Infrastructure Security at Datadog. She writes exploits, hardens infrastructure... Read More →

KubeCon NA 2019 Tutorial and CTF Attacking and Defending Kubernetes Clusters A Guided Tour pdf

Thursday November 21, 2019 4:25pm - 5:55pm PST
Room 30ABCDE - San Diego Convention Center Upper Level

Tutorials, Security + Identity + Policy

Experience Level Intermediate (Mid-level experience)
Session Slides Included Yes

KubeCon + CloudNativeCon North America 2019

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Peter Benjamin

Brad Geesaman

Jimmy Mesta

Tabitha Sable