Many companies have deployed Kubernetes, but few infosec folks have experience attacking it. We aim to address that shortage, culminating in an audience-directed Choose Your Own Adventure, movie-themed demo against an intentionally-vulnerable cluster named Bust-a-Kube. You’ll see how to attack Kubernetes clusters and learn what hardening techniques and freely available tools can break those attacks. We’ll review the components of a Kubernetes cluster, then show how a threat actor can chain configuration vulnerabilities to pivot and escalate privilege, pilfer data and take over clusters. You will also gain exposure to a new open source Kubernetes attack tool called Peirates.
Jay Beale (Twitter: @jaybeale) works on Kubernetes and cloud native security, as a professional threat actor, a Kubernetes Contributor and as a member of the Kubernetes Security Audit working group. He’s the architect and a developer on the Peirates attack tool for Kubernetes. In the past, Jay created two tools used by hundreds of thousands of individuals, companies and governments, Bastille Linux and the Center for Internet Security’s first Linux/UNIX scoring tool. He has led training classes on Linux security and Kuberntes at the Black Hat, CanSecWest, RSA, and IDG conferences, as well as in private corporate training, since 2000. As an author, series editor and speaker, Jay has contributed to nine books and two columns and given over one hundred public talks. He is CTO of the information security consulting company InGuardians.