SIG-Security: Succession Planting for a Flowering Future

Providing an update on the activities of Kubernetes SIG-Security at KubeCon EU London 2025

April 11, 2025

Container Security Workshop - BSides London

Introduction to Docker and Kubernetes security, presented at BSides London 2024

December 14, 2024

Static Pods Are Weird

A somewhat rambly adventure in the oddnesses of static pods and how the Kubelet evaluates manifests in the static directory. This talk is very much based on /posts/2024-10-13-mirror-mirror/. Apologies for oddities in the slides on the talk recording, I was trying a new slide generation pipeline and it very much had some teething problems. Link to recording Link to slides

October 24, 2024

I'll Let Myself In: Kubernetes Privilege Escalation Tactics

A selection of escalation and persistence tactics in Kubernetes, presented at Kubecon EU 2024

March 20, 2024

Container Security Workshop

Introduction to Docker and Kubernetes security, presented at Securi-Tay 2024

March 1, 2024

Container Security Workshop

Introduction to Docker and Kubernetes security, presented at Steelcon 2023

July 7, 2023

RCE-As-A-Service: Lessons Learned from 5 Years of Real World CI/CD Pipeline Compromise

A summary of frequently observed CI/CD attacks. Presented at Blackhat USA 2022.

August 10, 2022

I'm In Your Pipes, Stealing Your Secrets

Discussions of CI/CD pipeline breakout techniques. Presented at Securi-Tay 2022.

March 4, 2022