// Comparison
Hacking Kubernetes vs Kubernetes Security: Which Should You Read?
Two cybersecurity books on Containers, compared honestly: who each is for, what each does best, and which to read first.
Threat-Driven Analysis and Defense
Andrew Martin, Michael Hausenblas
A threat-modeling tour of a Kubernetes cluster, component by component, that teaches you to harden defaults by first showing you how each one gets broken.
Liz Rice and Michael Hausenblas's freely-available O'Reilly short on the Kubernetes-specific security model: API server, RBAC, network policy, secrets, and the typical hardening steps that move a cluster from default to defensible.
Read this if
Skip this if
Key takeaways
- Default Kubernetes is built for convenience, not safety, and every chapter shows a default that an attacker is grateful for.
- Container breakout, lateral movement, and supply-chain compromise are the threats that actually matter, not the ones the dashboards highlight.
- Defense is layered: a single misconfigured RBAC binding or hostPath mount undoes everything else.
- The Kubernetes security model is API-server-centric — most attacks are RBAC and network-policy failures, and the book makes this its spine.
- Default-deny network policy is the highest-leverage hardening step in any cluster, and the book's framing of why is the most quotable in print.
- Treat it as the on-ramp — once you have the basics, graduate to Kubernetes Security and Observability (Creane / Gupta) and current CNCF guidance.
How they compare
Hacking Kubernetes and Kubernetes Security are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.
Both books target intermediate-level readers, so the choice is about topic, not difficulty.
Hacking Kubernetes and Kubernetes Security both cover Containers, Cloud, so reading them in sequence reinforces the same material from different angles.