This article explores AWS Bottlerocket, a secure operating system designed for container hosting. It tests how Bottlerocket defends against common container escape techniques, demonstrating its effective security measures compared to less hardened systems like Ubuntu.

The article explores security vulnerabilities in AWS EKS by deploying misconfigured Kubernetes pods. It demonstrates how an attacker can escape from a compromised pod to gain root access on the host and potentially access other services. The focus is on the implications of specific dangerous configurations and their exploitation.

Wefox Italy has transitioned to a multi-tenant Software as a Service (SaaS) model using Amazon Elastic Kubernetes Service (EKS) to enhance application deployment and management. This solution incorporates GitOps practices, Terraform for infrastructure management, and a dual-cluster architecture to ensure robust data isolation and operational efficiency. Key benefits include improved security, tenant isolation, and cost efficiency through automated processes and shared services.