Jay Beale on Kubernetes, DEF CON, and Breaking Into AI Systems

This week on Shared Security, Tom and Kevin sit down with Jay Beale — founder of InGuardians, long-time Black Hat trainer, creator/contributor behind Kubernetes security training, and part of the team behind the DEF CON Kubernetes CTF. Jay shares stories from decades of offensive security work, including the time Tom hired him for a physical penetration test and Jay somehow ended up inside a call center instead of stuck in the lobby. The crew also digs into what makes good security training, why Kubernetes is such a natural platform for both defenders and attackers to understand deeply, and how the DEF CON Kubernetes CTF is designed to be welcoming for both competitors and learners. The episode closes with a practical look at AI infrastructure risk. Jay explains how production AI stacks running on Kubernetes can be attacked like any other cluster — and how modifying a vector database behind a RAG system can turn indirect prompt injection into a persistent, high-impact attack path. 00:00 Meet Jay Beale 00:38 Legendary Intro Banter 01:06 InGuardians Origins 03:05 The Writing Class Roast 04:20 Impersonation Pen Test Setup 08:19 Inside the Building 09:50 Badge Bluff and Escape 12:36 Consultant Bag Lessons 17:19 Black Hat Kubernetes Class 19:35 AI Agents in K8s Attacks 22:07 DEF CON Kubernetes CTF 27:22 AI Hosting Attack Path Wrap Show notes: https://sharedsecurity.net/2026/06/29... Shared Security is the longest-running cybersecurity and privacy podcast where industry veterans Tom Eston, Scott Wright, and Kevin Tackett break down the week’s security WTF moments, privacy fails, human mistakes, and “why is this still a problem?” stories — with humor, honesty, and hard-earned real-world experience. Hit that subscribe button for more great content each week!    / sharedsecuritypodcast   🎁 Get 10% off your order of high quality Faraday products built to protect your privacy from SLNT! Visit https://slnt.com and use discount code "sharedsecurity" at checkout. #Podcast #SharedSecurity #Cybersecurity #Privacy #DigitalPrivacy #Surveillance #Kubernetes #AISecurity #PromptInjection #RAG #VectorDatabases #DEFCON #PhysicalPentest #OffensiveSecurity #CloudSecurity