Attacker's use one of three things to exploit and gain access to protected systems. The lack of (or misconfiguration) of security controls, vulnerabilities in the infrastructure and code itself or social engineering techniques to obtain information that can be used to gain access.
The presentation covers various techniques and tactics that attacker's use to collect information about a target's infrastructure, gain access to Kubernetes environments and perform various tactics to persist and escalate privileges. These tactics being mapped to the Kubernetes MITRE ATT&CK like framework that Microsoft created.
The presentation highlights the journey of how an attacker moves from gathering information and obtaining initial access to planting backdoors, evading defenses, escalating privileges and eventually causing an impact on the infrastructure.