Hacking Kubernetes
Benjamin Koltermann
Cloud Village @ DEF CON 33 · Day 1 · Cloud Village
In his Cloud Village talk, "Hacking Kubernetes," Benjamin Koltermann provides a comprehensive exploration of common security vulnerabilities and misconfigurations within Kubernetes environments. The presentation is structured to first introduce fundamental Kubernetes concepts and then progressively delve into advanced attack vectors related to **Role-Based Access Control (RBAC)** and **Admission Control**, culminating in a series of hands-on, CTF-style practical labs. Koltermann's objective is to equip attendees with a deeper understanding of how attackers exploit Kubernetes and, crucially, how defenders can fortify their clusters against such threats.
AI review
Competent, well-structured Kubernetes security survey that covers the standard attack surface — RBAC misconfigs, service account token abuse, pod escape via nsenter, admission controller bypass — with the CTF lab format adding genuine hands-on value. Nothing here breaks new ground; this is a well-executed educational primer, not a research talk.