Although this is a 4 years old webinar, I found it is still worth for today. The goals of this webinar is to raise the awareness risk in K8s and demonstrate the 'live' hacking and attacking a K8s. It also provides some hardening methods and tips.
- Defaults in use early tend to stay in use.
- Systems hardened late tend to break.
The webinar introduces a number of tools for securing K8s and a lot of hardening tips for your K8s cluster.
KubeATF - A tool used to automate the creation, validation, and destruction of K8s in a consistent way.
Bulkhead - A plugin that perform security posture scans on all nodes from within your K8s.
Links: