Blogs by 

Riyaz Walikar

Security musings, research, best practices and more from the Kloudle team

An Attacker's Approach to Pentesting IBM Cloud - fwd:cloudsec 2021
Posted by
Riyaz Walikar
on
September 14, 2021

Slides of the talk presented at fwd:cloudsec 2021, titled - "An Attacker's Approach to Pentesting IBM Cloud". The talk contains examples of attack vectors, interesting things in IBM Cloud and future work to improve documentation.

Read More
You do not want to miss these talks at Black Hat USA!
Posted by
Riyaz Walikar
on
August 3, 2021

A list of talks in the Cloud Security and Platform domain that we have added to our must watch list of talks as the sheer number of sessions at the Black Hat briefings can be overwhelming!

Read More
Authentication Bypass in Apache Airflow - CVE-2020-17526 and AWS Cloud Platform compromise
Posted by
Riyaz Walikar
on
June 22, 2021

An authentication bypass within Apache Airflow allowed an attacker to login as any user in the Airflow system. Post exploitation within the app, led to a full cloud account compromise on AWS.

Read More
IAM Bad: Privilege Escalation using Misconfigured Policies in AWS IAM (Webinar)
Posted by
Riyaz Walikar
on
May 6, 2021

A walkthrough of the slides covered as part of our Star Wars Day special webinar on IAM policy misconfigurations that can lead to privilege escalations and a takeover of the target AWS account.

Read More
DeveloperWeek Europe 2021 - Walkthrough of the Talk slides and Audience Questions
Posted by
Riyaz Walikar
on
April 29, 2021

A walkthrough of the slides covered as part of the DeveloperWeek Europe 2021 virtual conference, attack details and answers to questions that were asked during the talk.

Read More
Who else is in your pod? - Walkthrough of the KubeSec Enterprise Online Talk
Posted by
Riyaz Walikar
on
April 8, 2021

A walkthrough of the slides covered during the KubeSec Enterprise Online 2021 talk with details of the attacks covered and tips and tricks to harden your Kubernetes cluster.

Read More
Rogue One: A Certified Kubernetes Administrator (CKA) Exam Story
Posted by
Riyaz Walikar
on
March 3, 2021

My journey and experience with how I approached the CKA exam, failed it, learnt from my failure and passed it in my second attempt. Tips and Tricks included!

Read More
Part 9 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Impact on the Cluster
Posted by
Riyaz Walikar
on
February 26, 2021

This is the ninth and the last part of a series on the MITRE ATT&CK framework for Kubernetes, covering the Impact tactic with examples.

Read More
Part 8 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Lateral Movement
Posted by
Riyaz Walikar
on
February 22, 2021

This is the eighth part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Lateral Movement tactic with examples.

Read More
We are speaking at the KubeSec Enterprise Online North America - 2021 Conference
Posted by
Riyaz Walikar
on
February 17, 2021

Announcement post for our talk at the conference where we will talk about how attackers gain access and what they can do once they are "Attackers in a Pod".

Read More
Part 7 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Discovery
Posted by
Riyaz Walikar
on
February 8, 2021

This is the seventh part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Discovery tactic with examples.

Read More
Part 6 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Credential Access
Posted by
Riyaz Walikar
on
January 28, 2021

This is the sixth part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Credential Access tactic with examples.

Read More
Part 5 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Defense Evasion
Posted by
Riyaz Walikar
on
January 21, 2021

This is the fifth part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Defense Evasion tactic with examples.

Read More
Part 4 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Escalation
Posted by
Riyaz Walikar
on
January 18, 2021

This is the fourth part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Privilege Escalation tactic with examples.

Read More
Part 3 - Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Persistence
Posted by
Riyaz Walikar
on
January 13, 2021

This is the third part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Persistence tactic with examples.

Read More
Part 2: Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Execution
Posted by
Riyaz Walikar
on
January 11, 2021

This is the second part of a nine part series on the MITRE ATT&CK framework for Kubernetes, covering the Execution tactic with examples.

Read More
Part 1: Mapping the MITRE ATT&CK framework to your Kubernetes cluster: Initial Access
Posted by
Riyaz Walikar
on
January 9, 2021

The MITRE ATT&CK framework provides a knowledgebase of adversary tactics and techniques. In this post, we see how Microsoft applied the attack matrix to K8S.

Read More
A Technical Analysis of the AWS CloudShell service
Posted by
Riyaz Walikar
on
December 21, 2020

A quick technical analysis of the AWS CloudShell service that provides a pre-configured shell on the cloud with access to your AWS account.

Read More
5 important security settings you need to review for your GKE clusters
Posted by
Riyaz Walikar
on
December 10, 2020

There are some very important settings related to security that you should regularly review in your Google Kubernetes Engine based K8S clusters

Read More
CVE-2020-15257 What is it and how does it impact your Docker and Kubernetes environments?
Posted by
Riyaz Walikar
on
December 1, 2020

A new vulnerability named CVE-2020-15257 has been discovered in the networking namespace. Our blog covers the details.

Read More
Are you missing patching your clusters because of the new Docker hub limits?
Posted by
Riyaz Walikar
on
September 13, 2020

Docker announced new limits on image pulls from its Hub. We examine how it may impact your K8s operations.

Read More