On-demand | Cybersecurity CISO Series
All there is to know about Kubernetes pentest.
How attackers move through a cluster, where RBAC fails quietly, and which tools surface the misconfigurations before they do.
26 Feb 2021 · 60 min


About this talk
Dhiyanesh Selvaraj, Security Consultant at SecureLayer7, walked teams through a working Kubernetes pentest, end to end. This is the recording.
Kubernetes is now the default orchestrator for microservice workloads, but a default installation is not a secure one. Attackers abuse network misconfigurations, weak RBAC, exposed dashboards, and unsealed secrets to stay under the radar and move laterally between pods.
The session covers the external enumeration and port scanning that exposes a cluster's entry points, the RBAC misconfigurations that grant more than intended, the handling of secrets and deployments, and the open-source tooling SecureLayer7 uses on real engagements: kube-bench, kube-hunter, and Kubernetes RBAC audit.
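As an added example, and not code from the talk or from SecureLayer7's engagement tooling, the script below is the kind of static RBAC check the session refers to when it talks about roles that grant more than intended. It walks Role/ClusterRole rules for wildcards, escalation verbs (`escalate`, `bind`, `impersonate`) and credential-bearing resources such as `secrets` and `pods/exec`, then cross-references bindings so each finding names the subject that actually ends up holding the permission. The RBAC objects are a constructed sample in the JSON shape that `kubectl get roles,clusterroles,rolebindings,clusterrolebindings -A -o json` returns under `items`; every role, binding and namespace name in it is hypothetical.

```python
"""Static audit of Kubernetes RBAC objects for rules that grant more than intended.

Added example, not SecureLayer7's tooling. Input is the list of objects that
`kubectl get ... -o json` returns under `items`; a constructed sample is embedded
so the script runs offline.
"""
import json

ESCALATION_VERBS = {"escalate", "bind", "impersonate"}  # let a subject grow its own rights
SENSITIVE_ACCESS = {  # resource -> verbs that hand over credentials or code execution
    "secrets": {"get", "list", "watch"},
    "pods/exec": {"create"},
    "pods/attach": {"create"},
    "serviceaccounts/token": {"create"},
    "nodes/proxy": {"get", "create"},
}
OVERBROAD_GROUPS = {"system:authenticated", "system:unauthenticated"}


def audit_rule(rule):
    """Return reasons a single PolicyRule is risky; empty list if it looks scoped."""
    verbs = set(rule.get("verbs", []))
    resources = set(rule.get("resources", []))
    if not resources:  # non-resource URL rule such as /healthz or /api
        if "*" in verbs and "*" in rule.get("nonResourceURLs", []):
            return ["wildcard verbs on all non-resource URLs"]
        return []
    if "*" in verbs and "*" in resources:
        return ["wildcard verbs on wildcard resources (cluster-admin equivalent)"]
    reasons = []
    if "*" in verbs:
        reasons.append(f"wildcard verbs on {sorted(resources)}")
    if "*" in resources:
        reasons.append(f"wildcard resources with verbs {sorted(verbs)}")
    for verb in sorted(ESCALATION_VERBS & verbs):
        reasons.append(f"'{verb}' verb allows privilege escalation")
    for res, risky in SENSITIVE_ACCESS.items():
        if res in resources or "*" in resources:
            hit = risky if "*" in verbs else verbs & risky
            if hit:
                reasons.append(f"{res} {sorted(hit)} exposes credentials or code execution")
    return reasons


def audit_role(role):
    """Collect the risky reasons across every rule of a Role or ClusterRole."""
    reasons = []
    for rule in role.get("rules", []):
        reasons.extend(audit_rule(rule))
    return reasons


def audit_cluster(objects):
    """Cross-reference bindings with the roles they grant.

    Returns one finding per (binding, subject) whose role carries risky rules,
    with subject-level aggravating factors (default SA, everyone-groups) appended.
    """
    roles = {}
    for o in objects:
        if o["kind"] in ("Role", "ClusterRole"):
            roles[(o["kind"], o["metadata"].get("namespace", ""), o["metadata"]["name"])] = o
    findings = []
    for b in objects:
        if b["kind"] not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        ref = b["roleRef"]
        # A RoleBinding may reference a ClusterRole; the grant is then scoped to the binding's namespace.
        ns = b["metadata"].get("namespace", "") if ref["kind"] == "Role" else ""
        role = roles.get((ref["kind"], ns, ref["name"]))
        reasons = audit_role(role) if role else ["roleRef points at a role missing from the input"]
        if not reasons:
            continue
        for subj in b.get("subjects", []):
            notes = list(reasons)
            if subj["kind"] == "Group" and subj["name"] in OVERBROAD_GROUPS:
                notes.append(f"granted to {subj['name']}, i.e. every principal in that group")
            if subj["kind"] == "ServiceAccount" and subj["name"] == "default":
                notes.append("granted to a namespace's default service account, which every pod gets unless overridden")
            findings.append({
                "binding": f"{b['kind']}/{b['metadata']['name']}",
                "subject": f"{subj['kind']}/{subj['name']}",
                "namespace": subj.get("namespace", ""),
                "role": f"{ref['kind']}/{ref['name']}",
                "reasons": notes,
            })
    return findings


# Constructed sample, not from a real cluster; all names are hypothetical.
SAMPLE_RBAC = [
    {"kind": "ClusterRole", "metadata": {"name": "cluster-admin"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]},
               {"nonResourceURLs": ["*"], "verbs": ["*"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "secret-reader"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "app-config", "namespace": "shop"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "dev-admins"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "default", "namespace": "dev"}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "everyone-reads-secrets"},
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader"},
     "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
    {"kind": "RoleBinding", "metadata": {"name": "app-config", "namespace": "shop"},
     "roleRef": {"kind": "Role", "name": "app-config"},
     "subjects": [{"kind": "ServiceAccount", "name": "app", "namespace": "shop"}]},
]

if __name__ == "__main__":
    print(json.dumps(audit_cluster(SAMPLE_RBAC), indent=2))
```

On the sample, the scoped `app-config` binding produces nothing, while the two ClusterRoleBindings are reported: `cluster-admin` handed to the `dev` namespace's default service account (so any pod scheduled there without an explicit `serviceAccountName` holds it), and secret reading granted to `system:authenticated`. Against a live cluster, feed the script the `items` array from `kubectl get ... -o json`; it is deliberately conservative and will not catch aggregated ClusterRoles or grants that only become dangerous in combination.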