Web Banner
Back to Pre-Conference Training Page

Back to Conference Home Page

Kubernetes Security Capture the Flag (CTF)

Half-Day Interactive (Classroom) Training - OWASP New Zealand Day 2024

Abstract

Attendees will be let loose on a realistic, production-like Kubernetes cluster, each player must navigate scenarios and thwart ControlPlane’s long-time adversary Captain Hashjack. They will enumerate, exploit and escalate their way to buried treasure (hidden flags) scattered throughout the cluster.

Target Audience

Course Details

Dates: Wednesday, 4 September 2024

Time: 1:45 to 5:30 p.m. (NZST)

Instructor: Rob Kenefeck and Mario Weigel (Control-Plane.io)

Course Fee: NZ $250.00 (plus GST and ticketing fees)

Registration Site: https://events.humanitix.com/owaspnz2024-training

Maximum Enrolment: 36 attendees

Prerequisites - What Students Should Bring

Course Description

Delve deeper into the dark and mysterious world of Kubernetes security. Start your journey deep inside the target infrastructure, collecting flags as you exploit your position in the environment and hunt for vulnerabilities, thwarting Captain Hλ$ђ𝔍∀¢k in his quest of destruction.

Attendees can play Beginner to Intermediate scenarios to bushwhack their way through the jungle of Kubernetes security. Attendees will be hands-on to understand more about core Kubernetes components and how they can be misconfigured and compromised.

Each attendee will be given access to their own Kubernetes cluster built within our bespoke sandboxed training environment. A laptop with an SSH client is required to participate.

Your Instructors

Rob Kenefeck is a Principal Consultant with more than 15 years of experience in designing, building, and deploying cloud native platforms. Rob likes to talk about how Security is fundamental to DevOps, how Kubernetes often isn’t the best answer to your problem, and his lived experience of Site Reliability Engineering. Rob has been Automating toil in Linux for 20 years, but when Kubernetes came along he was initially dismissive; after all, he was already building everything in Containers with Docker and orchestrating in a variety of semi-manual ways. Rob has since come to appreciate all it can do and also what its limitations are and when NOT to use it.

Rob has taught DevOps courses and Kubernetes courses while also helping large enterprises setup internally managed Kubernetes platforms with a product based mindset.

Mario Weigel is a Cloud Native Engineer with a diverse career spanning several roles in IT, including Software Testing, Systems Administration, and Security. His experience working with containers and Kubernetes across a range of organizations, from small startups to large financial institutions, has given him unique insights into the challenges involved in deploying and securing these technologies. Additionally, he runs the Auckland Kubernetes Meetup, a platform where the community collaborates to share knowledge, best practices, and experiences with cloud-native technologies.