DEV Community

Madhu Akula
Madhu Akula

Posted on • Originally published at Medium on

DEF CON Training — A Practical Approach to Breaking & Pwning Kubernetes Clusters

DEF CON Training — A Practical Approach to Breaking & Pwning Kubernetes Clusters

Popular Kubernetes Security Hacking @ DEF CON Trainings


https://defcontrainings.myshopify.com/products/madhu-akula-a-practical-approach-to-breaking-pwning-kubernetes-clusters

Woah! It’s amazing to see DEF CON 30 has started the training officially 🙌

I’ve been presenting and sharing my research at DEF CON since 2016 via workshops, talks, etc among other conferences around the globe. But this time I’m super excited to teach my popular training at the global hacker's stage on “A Practical Approach to Breaking & Pwning Kubernetes Clusters”.

If you are interested in learning something from some of my previous research, trainings, workshops and knowledge. Here are some of my content and give aways!

Introduction to DEF CON and Training

DEF CON (also written as DEFCON , Defcon, or DC ) is one of the world’s largest and most notable hacker conventions, held annually in Las Vegas, Nevada. The attendees include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be “hacked”.

https://en.wikipedia.org/wiki/DEF_CON

DEF CON has been the world’s most influential hacker con for thirty years. This year DEF CON running intensive, two-day courses of study with world-class instructors aimed at building specific skills in a challenging, fast-paced environment. In some cases, these courses will carry a certification.

Why should I join A Practical Approach to Breaking & Pwning Kubernetes Clusters Training?

Yes, that’s a great question 😊

Here are 3 reasons among many others hundreds 😅

👉 Why Kubernetes security?

Containers, Kubernetes is used everywhere, and understanding its security is paramount to break & hack or protect & defend against security attacks and vulnerabilities in the ever-growing and adapting ecosystem

👉 Then why me?

I have been working on containers and Kubernetes since 2016, as I’ve previously mentioned did a ton of research and shared it with the community and conferences like Blackhat, DEFCON, USENIX, SANS, OWASP, etc. among many others. Apart from that, I’ve also created a practical interactive community learning playground to teach about Kubernetes Security using “Kubernetes Goat”. Which helped thousands of folks around the globe to learn and understand real-world attacks and security misconfigurations.

👉 It looks like you already sold me? Anything else?

Yes, here are some more things I believe why it helps you 😊

  • This course is built from years of experience and real-world knowledge put as simulated scenarios of testing hundreds of clusters. Also built by the author of Kubernetes Goat and Hacker container
  • It has a complete hands-on approach, from beyond basic attacks to privilege escalation, exploitation, lateral movement, persistence, defense evasion, and many other techniques
  • To gain the confidence to perform pen-testing, red teaming, and security architecture reviews of Kubernetes Clusters and Containerised environments

What I will get out of the Training?

  • Real-World practical knowledge of effectively performing Pentesting/RedTeam/Security reviews of Kubernetes and Containersed environments
  • Going beyond basics, showcasing attack trees, and chaining vulnerabilities to cover the possible security risks like privilege escalation, exploitation, lateral movement, persistence, defense evasion, and many other techniques
  • Complete Digital Guide book, cheat sheets, many other resources, and references to further your learning

A little glimpse of the Training


Some of the fantastic hacking, breaking, and Pwning of clusters, nodes, containers, and cloud environments!

Okay, I’m super excited now. How can I sign up?

Here is the official DEF CON 30 training registration link, make sure you register before the training sold out 😉

https://defcontrainings.myshopify.com/products/madhu-akula-a-practical-approach-to-breaking-pwning-kubernetes-clusters

Anything I should be prepared before coming?

  • Laptop with a modern browser, and wireless internet connectivity. For the training purpose, you will get your Kubernetes cluster with all the setup included so we can purely focus on training to learn and hack!
  • Here are some skills which might be helpful to accelerate the training

👉 Able to use Linux CLI

👉 Basic understanding of system administration

👉 Experience with Docker and Containers ecosystem would be useful

👉 Security Experience would be plus

Thank you so much for reading this article, super excited and looking forward to seeing you at DEF CON 30 👋


Top comments (0)