In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Wednesday, October 13 • 2:30pm - 3:05pm
Kubernetes Exposed! Seven of Nine Hidden Secrets That Will Give You Pause - Ian Coldwater, Twilio & Brad Geesaman, Aqua Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Think you know Kubernetes? Think again. Kubernetes is full of uncommon knowledge and doesn’t always behave the way we assume, containing unexpected gotchas and surprising behaviors that’ll make you say, “how come nobody told me this earlier?” In this talk, Ian Coldwater and Brad Geesaman will shine a light on hidden secrets in Kubernetes, demonstrating scary science such as pods in non-existent namespaces, bypassing network policies via DNS, fun with capable sidecar containers, and one weird trick attackers don’t want you to know. Defenders hate it! Don’t build your next threat model before watching this! Attendees will learn how not to get caught off guard by learning what to watch out for and how to better secure their systems. You won’t believe what happens next.

avatar for Brad Geesaman

Brad Geesaman

Staff Security Engineer, Ghost Security
Brad Geesaman is a Staff Security Engineer at Ghost Security and focuses on researching and building cloud-native systems with a security practitioner's mindset. When he’s not hacking on containerized environments, he enjoys spending time with his family in Virginia, eating Mexican... Read More →
avatar for Ian Coldwater

Ian Coldwater

Security Researcher, Independent
Ian Coldwater is a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud native infrastructure. When they're not busy being co-chair of Kubernetes SIG Security, they like to read all the docs, participate in Capture the Flag competitions, and... Read More →

Wednesday October 13, 2021 2:30pm - 3:05pm PDT
Concourse Hall 151 + Online