2024-09-27 –, Murray-Fitzroy
Delve deeper into the dark and mysterious world of Kubernetes security. Start your journey deep inside the target infrastructure, collecting flags as you exploit your position in the environment and hunt for vulnerabilities, thwarting Captain Hλ$ħ𝔍Ⱥ¢k in his quest of destruction.
Attendees can play three increasingly beguiling and demanding scenarios to bushwhack their way through the dense jungle of Kubernetes security. Everybody is welcome, from beginner to hardened veteran but attendees will be expected to be hands-on to understand more about core Kubernetes components and how they can be misconfigured and compromised.
Each attendee will be given access to their own Kubernetes cluster built within our bespoke sandboxed training environment. A laptop with an SSH client is required to participate.
I like to talk about how Security is fundamental to DevOps, how Kubernetes often isn't the best answer to your problem and my lived experience of SRE.
I've been Automating toil in Linux for 20 years, but when Kubernetes came along I was initially dismissive, after all I was already building everything in Containers with Docker and orchestrating in a variety of semi-manual ways. I've since come to appreciate all it can do, what its limitations are and when NOT to use it. I've taught DevOps courses and Kubernetes courses while also helping large enterprises setup internally managed Kubernetes platforms with a product based mindset.
