The Path Less Traveled: Abusing Kubernetes Defaults

Дата: 13.12.2019. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

Kubernetes is a container orchestration framework that is increasingly widely used in enterprise and elsewhere. While the industry is starting to pay some attention to Kubernetes security, there are many attack paths that aren’t well-documented, and are rarely discussed. This lack of information can make your clusters vulnerable.

In this live demonstration-filled talk, we are going to walk through the Kubernetes control plane before using to show some of the attack surface exposed by a default configuration of Kubernetes. There will be multiple exploits involving various moving parts, including cluster takeovers and host escapes. We’ll show you mitigations, and then show you how to get around those.

By Ian Coldwater and Duffie Cooley

Об авторе CISOCLUB

Редакция CISOCLUB. Официальный аккаунт. CISOCLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *