How (Not) To Containerise Securely
2020-03-28, 11:20–11:50, Room 1

Andy has made mistakes. He's seen even more. And in this talk he details the best and the worst of the container and Kubernetes security problems he's experienced, exploited, and remediated.

See how to bypass container and Kubernetes security controls, break out of service meshes, find and drive-by public clusters, then cover the evidence and evade detection in this interactive and highly technical appraisal of the container and cluster security landscape.

Full remediation recommendations are given for each scenario, as well as detailed examples of how to write and maintain an efficient automated security test suite -- to stop this happening to a cluster near you!