A curated list for Kubernetes (K8s) Security resources such as articles, books, tools, talks and videos.
Most of the resources are in English; the ones that aren't will be flagged as such. All the content in this list is public and free; please use it for educational purposes only!
Not all the tools have been tested or reviewed; use them at your own risk! Also, I don't consider myself a K8s Security expert; I'm just learning and helping others learn along with me. Thanks!
These are the main topics of this Awesome Kubernetes (K8s) Security List. Everything related to the Security of Kubernetes (and its components such as CoreDNS, etcd) either for learning, breaking or defending it, will be added down below. If you have any other good links or recommendations, feel free to submit a PR!
- The Basics
- Official Pages
- Talks and Videos
- Blogs and Articles
- Books
- Certifications
- CVEs
- Slides
- Trainings
- Repositories
- Papers
- Podcasts
- Jobs
- Community
To understand Kubernetes Security, you first need to understand the basics of how Kubernetes works and all the components involved. Here are some links and materials to help you with that journey:
Kubernetes Concepts Explained in 9 minutes!
Kubernetes The Hard Way - Kelsey Hightower
Kubernetes Challenge 🇧🇷
Kubernetes de K a S - Erlon Pinheiro 🇧🇷
Uncomplicating Kubernetes (Jefferson Noronha aka LinuxTips) 🇧🇷
Kubernetes Security and Disclosure Information
CNCF SIG Security Meeting Notes
CNCF SIG Security Mailing List
Kubernetes SIG Security Meeting Notes
Kubernetes SIG Auth (Authorization, Authentication, and Cluster Security Policy)
Kubernetes Security Audit 2019 Results
Kubernetes Security Audit 2021 RFP
Compromising Kubernetes Cluster by Exploiting RBAC Permissions - Eviatar Gerzi, CyberArk (RSA 2020)
Kubernetes Deconstructed: Understanding Kubernetes by Breaking It Down - Carson Anderson, DOMO
Advanced Persistence Threats: The Future of Kubernetes Attacks (RSAC 2020)
Kubernetes Security Best Practices - Ian Lewis, Google
Securing Kubernetes Secrets (Cloud Next '19)
Jay Beale - Attacking and Defending Kubernetes - DEF CON 27 Packet Hacking Village
The State of Kubernetes Security - Liz Rice
DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security
Kubernetes Security 101: Best Practices to Secure your Cluster
Kubernetes Security 101: OWASP Natal Virtual Meeting 🇧🇷
Securing Kubernetes Clusters by Eliminating Risky Permissions
Using Kubelet Client to Attack the Kubernetes Cluster
Risk8s Business: Risk Analysis of Kubernetes Clusters
How to Set Up and Manage Logs with Kubernetes
The Current State of Kubernetes Threat Modelling
Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes
The Basics of Keeping Kubernetes Clusters Secure
The Basics of Keeping Kubernetes Cluster Secure: Worker Nodes and Related Components
How to Secure Your Kubernetes Cluster
Kubernetes Security 101: Best Practices To Secure Your Cluster
Open Sourcing the Kubernetes Security Audit
Amazon EKS Best Practices Guide for Security
Protecting Kubernetes: The Kubernetes Attack Matrix and How to Mitigate Its Threats
Securing the 4Cs of Cloud Native
CVE-2018-18264 Privilege escalation through Kubernetes dashboard
Certified Kubernetes Security Specialist (CKS) exam guide
Hacking Kubernetes by Andrew Martin, Michael Hausenblas
Learn Kubernetes Security by Kaizhe Huang and Pranjal Jumde
Kubernetes Security by Liz Rice and Michael Hausenblas
Container Security by Liz Rice
Kubernetes: Up and Running, Second Edition by Brendan Burns, Joe Beda and Kelsey Hightower
Exploring container security: Vulnerability management in open-source Kubernetes
Communication is Key - Understanding Kubernetes Networking (KubeCon EU 2020)
Seccomp Profiles and you: A practical guide (KubeCon EU 2020)
Advanced Persistence Threats: The Future of Kubernetes Attacks (KubeCon EU 2020)
Help! My Cluster Is On The Internet!
Cloud Native Security Tutorial
Kubernetes Security (Advanced Concepts)
Katacoda Kubernetes Goat Videos
Attacking and Auditing Docker Containers and Kubernetes Clusters
A Cloud Guru Kubernetes Security
SANS Cloud-Native Security Defending Containers and Kubernetes
Control Plane Security Training
Linux Academy - Kubernetes Security
Kubernetes Networking Labs for KubeCon EU 2020 Talk
Kubernetes Audit by Trail of Bits
CIS Kubernetes Benchmark - InSpec Profile
Kube PodSecurityPolicy Advisor
Advocacy Site for Kubernetes RBAC
Kubernetes Security - Best Practice Guide
Kubernetes Security Assessment - Final Report - May 2019
Kubernetes Security Whitepaper - June 2019
Kubernetes Threat Model - June 2019
Attacking Kubernetes - A Guide for Administrators and Penetration Testers
Kubernetes é seguro por default ou à prova de má configuração? 🇧🇷
Kubernetes Podcast (from Google)
PodCTL - Enterprise Kubernetes