Presented at
ShellCon 2020 Virtual,
Oct. 9, 2020, 2 p.m.
(55 minutes).
This demo-heavy talk with teach you how to attack a Kubernetes cluster, with a new Bust-a-kube scenario themed on the movie, "Inception." You'll see a four-stage attack that starts by gaining access in a low-privileged container that was built from a typo-squatted library. From there, we'll find ourselves in a Kubernetes cluster within a Kubernetes cluster, as with Inception's "dream within a dream." You'll learn how to break this attack with multiple defeneses, including OPA Gatekeeper. Afterward, practice the attack and defense with the open source Bustakube cluster.
Presenters:
-
Jay Beale
Jay Beale works on Kubernetes and cloud native security, both as a professional threat actor and as a co-lead of the Kubernetes project's security audit working group. He's the architect of the Peirates attack tool for Kubernetes, as well as the @Bustakube Kubernetes cluster. Beale created Bastille Linux and the Center for Internet Security's Linux scoring tool, two tools used by hundreds of thousands of individuals, companies and governments. Since 2000, he has led training classes on Linux security and Kubernetes at the Black Hat, CanSecWest and IDG conferences, as well as private trainings. As an author, series editor and speaker, Beale has contributed to nine books, two columns and over 100 public talks. He is CTO of the infosec consulting company InGuardians.
Links:
Similar Presentations: