EN Blog ← click to enter blog RSS EN

2026-05-18: Practical Deep Dive into Kubernetes Security (Workshop)

Kubernetes is now the backbone of modern infrastructure - and one of the most attractive targets for attackers. As such, I'm excited to bring a hands-on workshop focusing on the security of Kubernetes to hackArcana. Here's some useful info about it:

  • Workshop: Practical Deep Dive into Kubernetes Security
  • Format: Live online (with instructors), exercise-based workshop
  • Instructors: Jarosław Jedynak, Michał Leszczyński (I've worked and played/made CTFs with them - they are SOLID!)
  • Duration: 18 hours over 6 weeks (6 modules)
  • Recordings: All sessions are recorded and available for at least 3 months
  • Schedule: Tuesdays, 7 PM CEST, 9.06, 16.06, 23.06, 30.06, 07.07, 14.07
  • Language: English
  • Level: Intermediate (you should know basics of K8s)

You can find all the details on the workshop's page, but here's also the agenda:

Module 1 - Kubernetes Architecture
Session: June 9th, Tuesday, 7 PM CEST

  • Kubernetes components and how they interact
  • Threat modeling the cluster: what attackers target and why
  • Workshop environment walkthrough and lab access
  • First hands-on exercises: exploring the cluster from an attacker's perspective

Module 2 - Build Phase Security
Session: June 16th, Tuesday, 7 PM CEST

  • Container image pitfalls and common misconfigurations
  • Source code and dependency scanning in CI/CD pipelines
  • Supply chain risks: what happens before the image reaches the cluster
  • Lab: identifying and fixing vulnerable image builds

Module 3 - Deploy Phase Security
Session: June 23rd, Tuesday, 7 PM CEST

  • Image signing and verification
  • Namespaces, pod security standards, and admission policies
  • Secrets management: what goes wrong and how to fix it
  • Lab: hardening deployment manifests and catching misconfigurations before they reach production

Module 4 - Runtime Phase Security
Session: June 30th, Tuesday, 7 PM CEST

  • Service account tokens and their abuse
  • Cloud environment pitfalls and metadata API attacks
  • Privilege escalation and container breakout scenarios
  • Lab: reproducing real runtime attack paths and applying mitigations

Module 5 - Administration, Access Control, and Networking
Session: July 7th, Tuesday, 7 PM CEST

  • Authentication mechanisms and common weaknesses
  • RBAC deep dive: misconfigurations, auditing, and least privilege
  • Admission controllers and policy enforcement
  • CNI configuration, network policies, firewalls, and network-level attacks
  • Service meshes and their role in cluster security
  • Lab: attacking and hardening cluster access and network segmentation

Module 6 - Low-Level Container Security
Session: July 14th, Tuesday, 7 PM CEST

  • Linux namespaces, cgroups, and capabilities in depth
  • Seccomp profiles: building and applying them
  • Kernel exploits and container escape techniques
  • Wrap-up, Q&A, and next steps in your Kubernetes security journey
  • Lab: hands-on container isolation assessment and hardening

Workshop starts on June 9th and you can secure your place (and later your K8s) here: Sign up!

[ 0 comments ]

PL Blog ← kliknij by przejść na blog blog RSS PL

2024-11-19: Wyszedł Paged Out! #5

Właśnie wyszedł piąty numer magazynu Paged Out! Najważniejsze linki:

W piątym numerze jest cała masa świetnych artykułów (w tym dwa moje, też świetne, a co) – i standardowo, każdy zajmuje dokładnie jedną stronę. A stron w sumie jest 68.

Lista kategorii z tego numeru (w kolejności alfabetycznej):

  • Art,
  • Algorithms,
  • Artificial Intelligence,
  • Cryptography,
  • File Formats,
  • GameDev,
  • Hardware,
  • History,
  • Networks,
  • OS Internals,
  • Operating Systems,
  • Programming,
  • Retro,
  • Reverse Engineering,
  • and Security/Hacking.

W każdym razie, jeśli chcecie być na bieżąco z Paged Out!, to poniżej jest kilka sposobów, żeby to osiągnać:

Miłej lektury!
gynvael

[ 0 komentarzy ]

EN Random notes ← click to enter

Five newest or recently updated notes (these are unfinished posts, code snippets, links or commands I find useful but always forget, and other notes that just don't fit on the blog):

Click here for a list of all notes.

EN Security papers and research notes

Some conference slides are linked at the bottom of this page.

EN Selected vulnerabilities

The full list of vulnerabilities discovered by me (including collaborative work) can be found here (please note that the list might be out of date).

The Google Application Security / Research site might also contain some of my findings.

EN Coding (selected posts)
PL Videotutoriale i podcasty [ 0 views | 0 videos | 0 subscribers ]

Subscribe to me on YouTube W wolnym czasie prowadzę videocasty na żywo o programowaniu, reverse engineeringu oraz hackingu/security:

Livestream | Kanał na YT | Archiwum starszych odcinków

Najnowszy odcinek: Gynvael's Livestream #75: Implementujemy serwer FTP
[ 0 thumbs up | 0 comments | 0 views ]

Dodatkowo: ReverseCraft - starsza seria podcastów o reverse engineeringu i assembly.

PL Edukacyjnie (wybrane posty)

Dla programistów:

Security / hacking:

  • Hacking - jak uczyć się security/hackingu i spać spokojnie.

Dodatkowo, kilka przemyśleń na temat odnajdywania się na rynku pracy w IT:

PL Programowanie (wybrane posty)

← trochę więcej postów jest po angielskojęzycznej stronie.
【 design & art by Xa / Gynvael Coldwind 】 【 logo font (birdman regular) by utopiafonts / Dale Harris 】