Catch Me If You Can: A Kubernetes Escape Story
2025-11-08, Room 2

Leonardo DiCaprio made it look glamorous, but real-world container escapes are less Hollywood and more chaotic. Still, the parallels are striking. Like Frank Abagnale slipping past the guards at an Atlanta prison, modern attackers escape containers not with brute force but with clever misdirection: exploiting weak isolation, abusing misconfigured permissions, and sidestepping detection.

In this talk, we’ll trace the path of a container breakout—from the initial escape to lateral movement across a Kubernetes cluster. We’ll walk through the attack step by step (yep, there’s a demo), then flip the perspective to show how modern defenses shut it down.

We’ll cover:
- How container escapes actually happen in the wild
- What user namespaces in Kubernetes 1.33 bring to the table
- How to achieve multi-tenancy workload isolation
- How to detect breakout attempts before they go full clusterf*ck

Whether you're a platform engineer, security lead, or just into a good cat-and-mouse chase through the control plane, you’ll leave with real-world tactics for keeping your cluster escape-proof.

Ann Wallace is the Head of Customer Experience at Edera, a women-founded startup reimagining cloud security from the ground up. Before Edera, she held leadership and architecture roles in security and cloud at Okta, Shopify, Google, and Nike. Ann speaks regularly at conferences on topics like compliance, container security, and using storytelling to make security education actually stick. When she’s not talking about isolation boundaries, she’s probably somewhere in the Pacific Northwest, trail running with her dirtbag dog, Cedar.