Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!

In this talk, Fabian Kammel and James Cleverley-Prance demonstrate common attacks and offensive techniques against Kubernetes clusters and workloads, as well as the runtime controls to protect against them. Scenarios include leveraging compromised containers, exploiting RBAC misconfigurations, and hijacking clusters. The talk maps these attacks to threat model resources like the MITRE ATT&CK® Containers Matrix and CNCF Financial Services User Group attack trees, explaining how to use them for threat modeling, security testing, and defending Kubernetes clusters.