Session

Hack and Defend AWS EKS Clusters using OWASP EKS Goat

Hack and Defend AWS EKS Clusters using OWASP EKS Goat is a hands-on workshop focused on real-world AWS EKS security. Participants will learn to identify and exploit common misconfigurations, simulate attacks, and apply effective defenses using open-source tools and best practices.

This workshop follows a structured, lab-driven approach: from understanding Docker and container internals and exploring AWS ECR and IAM misconfigurations to simulating attacks and deploying defense strategies. Participants will learn how to exploit cloud misconfigurations, perform a supply chain attack in a CI/CD pipeline, backdoor an ECR image, exfiltrate credentials via IMDSv2, break out from a pod to a node, and finally secure an AWS EKS environment using GuardDuty and the open-source Kyverno and Tetragon.

This lab uses the open-source OWASP EKS Goat, enabling attendees to simulate adversary techniques starting from deployment and reinforce Kubernetes security hardening practices in production-grade AWS EKS environments.
OWASP EKS Goat: https://github.com/OWASP/www-project-eks-goat

Anjali Singh Shukla

Senior Security Engineer
