Hacking Kubernetes: Threat-Driven Analysis and Defense

by Andrew Martin, Michael Hausenblas

Running cloud native workloads on Kubernetes can be challenging--keeping them secure is even more so. Kubernetes's complexity offers malicious in-house users and external attackers alike a large assortment of attack vectors. Hacking Kubernetes reviews defaults and threat models and shows how to protect against attacks.

Securing your workloads is both essential and urgent, so this invaluable hands-on guide is available to you in an early release edition before it's available to the general public. It covers topics critical for cloud native security, detailing how to:


Run Kubernetes securely, on both a strategic and an operational level
Exploit Kubernetes default configurations and defend against these kinds of attacks
Review Kubernetes clusters for security weaknesses
Securely run arbitrary and untrusted code
Harden the Kubernetes setup to defend against any and all possible threats

Genres: Technology, Programming, Technical, Engineering, Reference, Computer Science, Computers

525 pages, Kindle Edition

Published October 13, 2021

About the author

Librarian Note: There is more than one author in the GoodReads database with this name.

Andrew Martin (born 6 July 1962) is an English novelist and journalist.

Martin was brought up in Yorkshire, studied at the University of Oxford and qualified as a barrister. He has since worked as a freelance journalist for a number of publications while writing novels, starting with Bilton, a comic novel about journalists, and The Bobby Dazzlers, a comic novel set in the North of England, for which he was named Spectator Young Writer of the Year. His series of detective novels about Jim Stringer, a railwayman reassigned to the North Eastern Railway Police in Edwardian England, includes The Necropolis Railway, The Blackpool Highflyer, The Lost Luggage Porter, Murder at Deviation Junction and Death on a Branch Line. He has also written the non-fiction book; How to Get Things Really Flat: A Man's Guide to Ironing, Dusting and Other Household Arts.

Reviews

[∃Ⓐ∀ · Rating 3 out of 5]

I would maybe give it a 3 and a half starts instead. The first few chapters were very good in that in seemed like the author was going to dive deeper than they did on technical details related to the kernel. For instance, he described some basic concepts that perhaps most people would already be familiar with reading the book, but missed opportunities to describe cgroups and capabilities in detail, as well as covering data that can be obtained abut the host via /proc and /proc/fs. Some chapters felt more like review of tools, which I appreciated at times, but he leaned a bit too much on tooling how-tos in some chapters. I still enjoyed it and was able to make note of several other areas for further investigation.

[pandapoo · Rating 4 out of 5]

Expected it to be more technical. It has a nice list of resources in Appendix B.

[Mayur Sinha · Rating 3 out of 5]

You don’t necessarily need this book to hack Kubernetes. Instead, it’s more useful for checking the references provided within it. By using these references, you can effectively hack and secure your Kubernetes infrastructure.