The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in Central European Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.
Many options are available to increase the security posture of a Kubernetes cluster. But which ones to prioritize, and why? In this talk, we take a data-based and threat-informed approach to prioritizing security investments. We start by describing the attacks we've seen over the past year on a network of Docker and Kubernetes honeypots we've deployed publicly-facing on the internet, mimicking the Docker API, Kubernetes API server, and Kubelet API to catch what attackers are doing in the wild. Then, we review several high-profile container escape vulnerabilities and how they've been exploited in the wild. Based on this, we list the most common ways attackers attempt to deploy malicious workloads, backdoor a cluster, or escape containers—and what are the most effective and "bang for your buck" security mechanisms that you can implement in your own cluster.
Christophe lives in Switzerland and works on open source and cloud security at Datadog. He's passionate about cloud-native technologies, information security, and especially the intersection of both. He previously worked as a software developer, penetration tester and cloud security... Read More →
Fred is a security researcher at Datadog, focusing on threat research. Fred is a fervent open source advocate and started his career by developing a digital forensics open source framework. He also worked at a CERT (Computer Emergency Response Team) dealing with threat intelligence... Read More →
