93% of organisations have at least one overprivileged Kubernetes service account. Most teams bolt on security tools, react to CVEs, and hope for the best because they never learned to think about cloud native security as layers. The Kubernetes documentation defines four of them: Cloud, Cluster, Container, and Code.
In this talk, I'll walk through each layer using real production examples. How enabling AWS Security Hub and GuardDuty revealed blind spots we didn't know existed. Why RBAC misconfigurations and missing network policies are quietly exposing clusters everywhere. How Trivy caught vulnerabilities in base images we'd been shipping for months. And how Semgrep and Gitleaks in our CI/CD pipeline caught a hardcoded API key before it ever hit production.
You'll leave with a practical framework for evaluating your own security posture layer by layer and a set of tools you can start using this week.