In this talk, we will discuss how to protect against the tactics of the four main Kubernetes-targeted attacks from 2023, including the Dero and Monero cryptocurrency mining campaigns, Scarleteel and RBAC-Buster. We will start by addressing the statistics around the prominence of Kubernetes-targeted attacks and analyzing the attacks themselves. Then we will look at the baseline requirements for detection and response in Kubernetes in general, based on what we see with these attacks, touching on examples of where runtime security or polling intervals scanning Kubernetes misconfigurations leave you exposed. We will demonstrate why a real-time view of the Kubernetes life cycle is key, connected to runtime, RBAC and more.