From the early days of Kubernetes, security has been a topic of interest and an area with plenty of challenges. In this talk we'll take a look at some of the choices that Kubernetes has made, look at some vulnerabilities and exploits, and explore what's changed (and what hasn't!) over the last ten years all the way from the days of the "Kubelet exploit" and Tiller, through the ever evolving path of pod admission controls, to more recent security wins -- like the fact that service account tokens actually expire now!