Session

Container Breakouts: From Zero to Host Compromise

Container escape vulnerabilities continue to plague organizations, turning small misconfigurations into full host compromises. This talk covers advanced techniques for discovering and exploiting container escape vectors, from capability abuse all the way to runtime manipulation. Through live demonstrations and real-world case studies, we'll examine how attackers chain ostensibly minor issues into complete system compromises.

Attendees will see live demos of real-world container escape techniques, including Docker socket exploitation, privileged container abuse, and volume mount attacks. The discussion not only reveals vulnerabilities but also provides a deep understanding of how these security flaws come to be, how they relate to each other, and, most importantly, how they can be prevented in production environments. Through a series of carefully crafted demonstrations, attendees will gain insight into how attackers can leverage seemingly insignificant misconfigurations to achieve significant security compromises.

This presentation is ideally suited for security engineers, container platform engineers, DevSecOps practitioners, and penetration testers, as it connects theoretical concepts of container security with practical exploitation techniques observed in real-world scenarios. Attendees will leave not only with knowledge but also with hands-on tools and methodologies that they can immediately put into practice to test and secure their own container environments. The talk includes access to custom testing tools, hardening guides, and a lab environment setup guide, so participants can easily continue their learning after the session. What really sets this discussion apart is that it covers both offensive techniques and defensive strategies, giving an overall view of container security in modern DevOps environments.

Chaitanya Rahalkar

Software Security Engineer at Block Inc. (f.k.a. Square Inc.)

Austin, Texas, United States
