Zero Trust in the Matrix: Hardening Kubernetes for the AI Frontier

Apoorv Dayal

BSides Seattle 2026 · Day 2 · Track 1

As every company races to become an AI company, the infrastructure running large language models is rapidly becoming the most attractive target on the network. In this fast-paced closing talk at BSides Seattle, Apoorv, a security engineer at Microsoft with research interests in Kubernetes, containers, and application security, laid out why traditional security assumptions collapse when AI workloads enter the picture.

AI review

A well-structured offensive-meets-defensive talk that maps real attack patterns against AI infrastructure on Kubernetes to concrete, actionable mitigations. Apoorv demonstrates genuine field experience with sandbox escapes, SSRF via vision APIs, and cross-tenant isolation failures, all drawn from active research against production environments. The technical depth on network policy, container isolation (Kata/gVisor), and IMDS hardening is solid, and the Monday-morning action plan gives defenders immediate value.
