Sandboxes, Seccomp, and Syscalls: Chasing Isolation in Kubernetes
Mark Manning
BSidesSF 2026 · Day 2 · AMC Theatre 09
In this insightful talk from BSides SF, Mark Manning, an offensive security engineer at Chain Guard and creator of SECMC compare, delves into the complex landscape of container isolation within Kubernetes, particularly for "hard mode" scenarios where arbitrary or untrusted code is executed. Manning challenges the commonly held belief that custom Seccomp profiles are the panacea for Kubernetes security, meticulously dissecting the operational burdens, inherent difficulties in consistent profile generation, and subtle bypass techniques that render many Seccomp implementations less effective than presumed.
AI review
Manning brings real offensive experience to a topic that gets hand-waved constantly — he doesn't just say 'Seccomp is hard,' he shows you exactly *why* and *how* it fails. The IO_uring bypass demo and the tracing-pollution problem (security agents poisoning your own profile) are genuinely useful findings that most Kubernetes security content completely misses.