Yossi Weizman is a Senior Security Researcher in the Cloud Security Research team at Microsoft. He has 10 years of experience in the security research field, starting in the Israeli military. In his current role, Yossi’s main focus is container security. Yossi holds a B.Sc. in Computer Science from Bar-Ilan University.
Lateral movement is usually the point where a cyber-attack becomes interesting. After gaining initial access, attackers might try to move laterally in the IT environment to reach other, more sensitive, resources. This is not different in Kubernetes: attackers won’t stop in a single compromised container: they would try to move laterally inside the cluster and more importantly, also outside the cluster. As Kubernetes clusters usually reside in the cloud, access to a container can be a foothold to the entire cloud workload. This can allow attackers to reach various cloud services, such as VMs, storages, secret stores, and also other Kubernetes clusters. We will go over various techniques attackers use for lateral movement in Kubernetes and explain how we, as defenders, can prevent them.
Hosted panel discussion and Q&A.