Session

Securing Kubernetes Clusters with AIOps - Lessons from the Capital One Breach

The massive 2019 Capital One data breach exposed sensitive information on 100+ million customers due to a misconfigured Kubernetes firewall. This talk will detail how AIOps techniques like anomaly detection, log analysis, and metrics correlation could have prevented the breach by automatically detecting and locking down the vulnerable Kubernetes pod.

I will provide a technical analysis of the Capital One attack chain along with code examples demonstrating how common AIOps platforms like Dynatrace, Datadog, and Prometheus could have autonomously detected the unusual cluster activity in real time. Attendees will learn Kubernetes best practices for network policies, pod security contexts, and runtime threat protection that can be enforced automatically via policy as code when AIOps signals a potential intrusion.

Disha Babla

AWS Technical Account Manager

Bengaluru, India
