On Container Orchestration

On Container Orchestration

Peer group discussions on running infrastructure in production

Make a submission

Accepting submissions till 31 Dec 2020, 11:00 PM

Container Orchestration is a series of online sessions to discuss:

  1. Why containerized orchestration - experiential case studies of patterns and anti-patterns.
  2. Tools and tooling - why and how.
  3. Deployment and monitoring; troubleshooting.
  4. Security.

Sessions on Containerized Orchestration will be held as:

  1. Standalone talks
  2. Birds of Feather (BOF) sessions
  3. Quarterly (online) MiniConfs

Submit a topic for someone to conduct a session; or submit ideas based on your experience with container orchestration.

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more

Abhisek Datta

@abhisek

Kubernetes from an Attacker's Perspective

Submitted Apr 8, 2020

Kubernetes is everywhere, a container orchestration system that is actively supported by all major cloud providors and adopted by companies across size and scale.

However, the distributed nature of the system at its core has new and interesting security implications that cannot be ignored. The ability of an attacker within a cluster to recon, move around (lateral movement), escalate and gain cluster-admin privilege is presented in this talk.

This talk is primarily targeted for Red Teams but also suitable for DevSecOps Teams looking to defend their cluster against various attacker tools and techniques.

Outline

  • Attacker’s intro to Kubernetes
  • Kubernetes attack surfaces (Threat Model)
  • Attacker in a Pod (Starting Point)
  • Attack scenarios (live)
  • Cluster discovery and situational awareness
  • Service discovery and privilege mapping
  • Lateral movement and privilege escalation
  • Maintaining access in the cluster (Persistence)

Speaker bio

An accomplished security professional with over a decade of experience in information security solution engineering, services, vulnerability research, reverse engineering and security tools development.

A participant of NULL – India’s largest open security community as a core team member responsible for techndnology development.

Slides

https://speakerdeck.com/abhisek/kubernetes-from-an-attackers-perspective-fwd-cloudsec-2020

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Make a submission

Accepting submissions till 31 Dec 2020, 11:00 PM

Hosted by

Rootconf is a forum for discussions about DevOps, infrastructure management, IT operations, systems engineering, SRE and security (from infrastructure defence perspective). more