NorthSec 2020 (Online Edition)

Practical security in the brave new Kubernetes world
2020-05-15, 13:30–14:15, Twitch

Dive into a typical Kubernetes cluster by messing with the default security controls, popular sidecar containers and supporting infrastructure.


Kubernetes' broad adoption has triggered a growth of frameworks, tools and technologies supporting it. It also means a growth in the attack surface. Instead of taking Kubernetes clusters head on, learn how to do a recon on a real-world k8s cluster and the common sets of sidecar containers that it relies on. Then see what it takes to pwn ingress point, service mesh, network infrastructure, package manager and performance monitoring tools. From there, get persistence in Docker registries and images.