Hackin your first Kubernetes cluster: An intro to cloud & container infrastructure exploitation

Presented at CHCon '21 (2021), Nov. 6, 2021, 5:30 p.m. (30 minutes).

Kubernetes has emerged as the primary container orchestration system in modern cloud infrastructure. It's a fast moving beast & there are always new things to learn. As a result of this, certain basic security misconfigurations are quite common. In this talk, we will introduce the core concepts of Kubernetes for an unfamiliar technical audience, and highlight some common methods to compromise workloads and clusters.

Presenters:

  • Abby Jaskari
    Abby recently graduated from University of Maine at Augusta post-grad in Cyber Security with knowledge of Python, networking, digital forensics, Security Risk Management and experience with Linux and Windows System Administration and Security in a live virtual environment. Also, a badass iFly tunnel instructor with a background in psychology.
  • Sam "Frenchie" Stewart
    Staff Infrastructure Security Engineer @ Brex Frenchie is far too biased to answer this question, and instead chooses to break the 4th wall. Originally from Batmania, by way of San Secuestro, he is currently a Covid Refugee living in Queenstown. Previously, he was part of the 🤖 🚗 skynet prevention squad as Infrastructure Security Engineering Manager at Cruise. Shipped https://github.com/cruise-automation/k-rail and can often be found tinkering with cloud, cluster & container security things (anything starting with a C, really).

Links:

Similar Presentations: