We are speaking at the KubeSec Enterprise Online North America - 2021 Conference

Posted by
Riyaz Walikar
on
February 17, 2021
· 1 min read

KubeSec Enterprise Online North America - 2021 Conference

KubeSec is an industry event hosted by Aqua and their partners that focuses on security in cloud native environments, addressing the demanding security and compliance requirements when deploying Kubernetes in production.

The talks are spaced out over multiple weeks and has industry leaders and speakers from the following organizations

Speaker list companies

My talk titled - "Who else is in your Pod?" is scheduled for March 18th 2021 12 PM EDT (9:30 PM IST)

Who else is in your Pod?

The idea behind my talk came out of an internal discussion we had posing the question - "What would an attacker see inside a cluster if they gained access to a Pod from the Internet"? Additionally, how would the attacker get there?

With over a decade of experience in offensive security in web, mobile, cloud and network security, coming up with a scenario that will give us access to a Pod from the Internet was the easiest bit. Visualizing and identifying what an attacker can do and how they could traverse the cluster given the complexity of a cluster environment with multiple moving parts, was the learning part.

In the talk I will explore how attackers gain access to kubernetes clusters, how do they discover weaknesses that can be exploited to gain access to cluster resources and then move to gaining additional visibility within the cluster using their "Attacker in a Pod" status. We will look at the tactics and techniques that an attacker would use to evaluate and attack a Kubernetes environment and map their progress with the Kubernetes MITRE ATT&CK Framework created by Microsoft (https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/).

The talk will have real world examples taken from public hacks and examples from our Kubernetes pentest engagements.

Who are the other speakers

The conference will go on till March 25th 2021 as new speakers will be doing talks every week or so. For the full list of talks take a look at https://kubesec.aquasec.com/enterprise_online_na_2021

How do I register?

Fill the form at https://kubesec.aquasec.com/enterprise_online_na_2021#register and you are good to go!

Cheers!

More Articles

An Attacker's Approach to Pentesting IBM Cloud - fwd:cloudsec 2021
Posted by
Riyaz Walikar
on
September 14, 2021

Slides of the talk presented at fwd:cloudsec 2021, titled - "An Attacker's Approach to Pentesting IBM Cloud". The talk contains examples of attack vectors, interesting things in IBM Cloud and future work to improve documentation.

Read More
Kloudle is a BlackHat USA 2021 Sponsor
Posted by
Akash Mahajan
on
August 4, 2021

From being trainers at BlackHat to sponsoring at the conference. A bit about our journey in brief.

Read More
You do not want to miss these talks at Black Hat USA!
Posted by
Riyaz Walikar
on
August 3, 2021

A list of talks in the Cloud Security and Platform domain that we have added to our must watch list of talks as the sheer number of sessions at the Black Hat briefings can be overwhelming!

Read More

Ready to give Kloudle a try?

We help you monitor and prevent any data breaches.

Let's Talk