Nov 7 – 9, 2022
Prague, Czech Republic
Europe/Prague timezone

Breaching the sky’s limit on your cloud: privilege escalation in Kubernetes explained

Nov 7, 2022, 2:00 PM
Karlin 3 (Hilton Prague)

25 Minute Talk Infrastructure


Natalia Nowakowska


With the increase in Kubernetes adoption, securing your cluster is becoming a key concern. This talk aims to raise awareness of Kubernetes (k8s) security risks and how to remediate them, by showcasing common misconceptions around the topic and demonstrating privilege escalation vulnerabilities according to MITRE ATT&CK and OWASP. The talk will include a short demo on Canonical MicroK8s.

By the end of this talk, attendees will:

  • Learn how to quickly get up and running with MicroK8s using Multipass
  • Understand common privilege escalation attacks, such as namespace bypass, container escape and RBAC model exploitation
  • Understand which compensating controls can be put in place to reduce the attack surface

Natalia is a software engineer at Canonical, currently working in the Identity team on IAM solutions. Her main areas of interest include cybersecurity and cryptography.

Level of Difficulty: Intermediate

