Kubernetes Security: Capture the Flag and Container Escape - August 2021
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Dive into a hands-on Capture the Flag challenge focused on securing Kubernetes environments in this 1-hour conference talk. Explore various aspects of Kubernetes security, including container escape techniques, webshell exploitation, and cluster vulnerabilities. Learn to identify and mitigate security risks by following a step-by-step walkthrough of both red team (attacker) and blue team (defender) perspectives. Gain practical insights into Kubernetes Engine security, container runtime protection, and essential kubectl commands for enhancing cluster security. Develop a deeper understanding of Kubernetes version-specific vulnerabilities and best practices for maintaining a robust security posture in cloud-native environments.
Syllabus
Intro
Welcome
Securing Kubernetes
Capture the Flag
Escape the Container
Getting Started
Kubernetes Engine
Free Compute
Red and Blue
Red
Webshell
Flowchart
Walkthrough
Running id
Checking files
Password hashes
Root
Container Runtime
Kubernetes Cluster
Kubernetes Version
Kubernetes Security
Cubectl off
Pods
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Security Best Practices in Google CloudGoogle Cloud via Coursera Architecting with Google Kubernetes Engine: Production en Français
Google Cloud via Coursera Configuring and Managing Kubernetes Security
Pluralsight Security Best Practices in Google Cloud
Pluralsight Kubernetes Security: Cluster Hardening
Pluralsight