PodSecurity Policy Is Not a Secret Security Policy
IPTABLES Still Work
Description:
Explore Kubernetes cluster security from an attacker's perspective in this 35-minute conference talk by Zebin Zhou from Tencent. Gain insights into real-world attack scenarios on K8s clusters, including container escape techniques, bypassing Pod Security Policies, and lateral movement strategies. Learn how to build secure, multi-tenant, large-scale Kubernetes clusters and implement effective defense mechanisms. Discover Tencent's experience in securing multi-tenant Kubernetes environments, with practical examples of security risks and their solutions. Cover topics such as K8s security features, privileged container exploitation, node-to-cluster admin escalation, API gateway protection, and the limitations of PodSecurity Policies. Enhance your understanding of Kubernetes security to better protect containers and data in your clusters.
Security Practices for Kubernetes Cluster Administrators - Redteam Views