Over the past year, I’ve been writing a book focused on securing Kubernetes Security. Rather than just covering tools, it dives into practical topics like RBAC misconfigurations, admission controllers, runtime protection with Falco/Tetragon, audit log monitoring, and incident response strategies in Kubernetes-native setups. Specially interesting is the third-party plugins for securing the cluster and doing real attacking stuff, like container escapes and some more. Wanted to share here for this security community. Enjoy guys
I wrote a short post summarizing the intended audience, structure, and what I learned along the way:
This is an advertorial for a book. I don't see any of the "lessons" that the title references.
Over the past year, I’ve been writing a book focused on securing Kubernetes Security. Rather than just covering tools, it dives into practical topics like RBAC misconfigurations, admission controllers, runtime protection with Falco/Tetragon, audit log monitoring, and incident response strategies in Kubernetes-native setups. Specially interesting is the third-party plugins for securing the cluster and doing real attacking stuff, like container escapes and some more. Wanted to share here for this security community. Enjoy guys
I wrote a short post summarizing the intended audience, structure, and what I learned along the way: