Presented with Brad Geesaman at KubeCon EU/Virtual 2020.
What would happen if your cluster was successfully compromised by an attacker who understands Kubernetes at a deep level? How could they attempt to avoid detection, cover their tracks, achieve full cluster access, obtain persistence, steal credentials, and launch additional attacks in your environment? As Kubernetes grows in popularity, the sophistication of attackers will improve, and security by obscurity will no longer be sufficient. Cluster operators need to be aware of what a skilled and knowledgeable attacker can be capable of.
Let’s explore the dark corners of clusters and shine a light on how features such as privileged containers and validating webhooks can be used to maliciously mutate pods, exfiltrate data, deploy “shadow” control planes, and more. The audience will learn how to detect these advanced approaches and how to prevent these attacks using practical, proven methods.
iancoldwater
nikinusu
ryosukeigarashi
onk
yuki_ink
abemii
kenjikondobai
sinsoku
shujisado
hirosatogamo
.jpeg){kind=avatar}
arthur1
chou500
lycorp_recruit_jp
mojombo
marcelosomers
pedronauck
caitiem20
jponch
maggiecrowley
eileencodes
dougneiner
tanoku
aarron
lara
