Proposed by: Sumir Broota
Hacking & Securing Kubernetes
--- For any posts
Demoing & discussing guidelines to secure your k8s workloads and showing the impact of an attack on an insecure cluster
---
--- For CFP approvers
Will be covering parts of OWASP top 10 for kubernetes (https://owasp.org/www-project-kubernetes-top-ten/), NSA & CISA Guidelines (https://research.nccgroup.com/2021/09/09/nsa-cisa-kubernetes-security-guidance-a-critical-review/), CIS Benchmark (https://www.cisecurity.org/benchmark/kubernetes), while also giving a demo on how to test your k8s security standing with OSS tool kube-bench (https://github.com/aquasecurity/kube-bench). Additionally will be using the OSS project kube-goat to demo methods of hacking k8s deployments.
---
Source code/Reference: https://www.canva.com/design/DAGCIyiArVc/djLD5z3mw-dKbys7hmTLxg/edit
Talk duration: