Watch Rafraf & Rafik's talk at ContainerDays 2025
Kubernetes clusters are increasingly targeted by attackers due to misconfigurations and insufficient hardening. In this talk, we will address these challenges by diving into advanced security practices, including RBAC auditing, Network Policy testing, runtime security monitoring, and Linux-level hardening. You’ll learn how to enforce least privilege with RBAC, block unauthorized traffic using Network Policies, and detect anomalies in real-time with tools like Falco.
Additionally, the session will cover how to reduce attack surfaces by implementing seccomp profiles, Linux Security Modules (AppArmor/SELinux), dropped capabilities, and sandboxing technologies (gVisor, Kata Containers). Attendees will leave with practical illustrations and actionable strategies to secure their Kubernetes environments effectively.
Speakers: Mohamed Rafraf & Rafik Harabi
