2020-05-15, 13:30–14:15, Twitch
Dive into a typical Kubernetes cluster by messing with the default security controls, popular sidecar containers and supporting infrastructure.
Kubernetes' broad adoption has triggered a growth of frameworks, tools and technologies supporting it. It also means a growth in the attack surface. Instead of taking Kubernetes clusters head on, learn how to do recon on a real-world k8s cluster and the common sets of sidecar containers that it relies on. Then see what it takes to pwn the ingress point, service mesh, network infrastructure, package manager and performance monitoring tools. From there, get persistence in Docker registries and images.
Alex Ivkin is a director of solutions at Eclypsium, a US security company. His focus is on secure deployments of (in)secure software, including container orchestration, application security, and firmware security. Alex has two decades of security integration experience, has presented at numerous security conferences and delivered trainings, holds an MS in CSci, co-authored the ISACA CSXP certification, and climbs mountains in his spare time.