The talk "Kubernetes and Docker Forensics & Incident Response" will focus on the Digital Forensics and Incident Response (DFIR) investigation of containerized environments using Kubernetes and Docker. With the increasing adoption of containerization technologies, it is crucial for organizations to have a robust security strategy in place to handle security incidents. This talk will cover the key concepts of containerization technologies such as Docker and Kubernetes, and their security implications. We will discuss the forensic techniques and methodologies that can be used to identify the root cause of security incidents in these environments, including container forensics, network traffic analysis, and memory forensics. The talk will also provide insights into the challenges and limitations of conducting a DFIR investigation in a containerized environment, such as the ephemeral nature of containers and the need for specialized tooling. Attendees will learn about the best practices for implementing logging and monitoring in Docker and Kubernetes environments, as well as the importance of having a well-defined incident response plan for containerized environments. Overall, this talk will provide valuable insights into the DFIR investigation of containerized environments using Kubernetes and Docker, and how organizations can better prepare themselves to respond to security incidents in these environments.