// Comparison
Container Security vs Hacking Kubernetes: Which Should You Read?
Two cybersecurity books on Cloud, compared honestly: who each is for, what each does best, and which to read first.
Liz Rice's first-principles introduction to how Linux containers actually work — namespaces, cgroups, capabilities, seccomp, image layering — and the security implications that fall out of those mechanics.
Threat-Driven Analysis and Defense
Andrew Martin, Michael Hausenblas
A threat-modeling tour of a Kubernetes cluster, component by component, that teaches you to harden defaults by first showing you how each one gets broken.
Read this if
Skip this if
Key takeaways
- A container is not a box; it is a process with curated views of namespaces and resources, and most container vulnerabilities live in the gap between that mental model and the box mental model.
- Capability dropping, read-only root filesystems, and seccomp profiles are not optional — Rice makes the case persuasively with concrete examples.
- Image-supply-chain hygiene is half the security story; the book pre-dates SLSA but motivates it cleanly.
- Default Kubernetes is built for convenience, not safety, and every chapter shows a default that an attacker is grateful for.
- Container breakout, lateral movement, and supply-chain compromise are the threats that actually matter, not the ones the dashboards highlight.
- Defense is layered: a single misconfigured RBAC binding or hostPath mount undoes everything else.
How they compare
Container Security and Hacking Kubernetes are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.
Both books target intermediate-level readers, so the choice is about topic, not difficulty.
Container Security and Hacking Kubernetes both cover Cloud, Containers, so reading them in sequence reinforces the same material from different angles.