KubeSec is an industry event hosted by Aqua and their partners that focuses on security in cloud native environments, addressing the demanding security and compliance requirements when deploying Kubernetes in production.
The talks are spaced out over multiple weeks and has industry leaders and speakers from the following organizations
My talk titled - “Who else is in your Pod?” is scheduled for March 18th 2021 12 PM EDT (9:30 PM IST)
The idea behind my talk came out of an internal discussion we had posing the question - “What would an attacker see inside a cluster if they gained access to a Pod from the Internet”? Additionally, how would the attacker get there?
With over a decade of experience in offensive security in web, mobile, cloud and network security, coming up with a scenario that will give us access to a Pod from the Internet was the easiest bit. Visualizing and identifying what an attacker can do and how they could traverse the cluster given the complexity of a cluster environment with multiple moving parts, was the learning part.
In the talk I will explore how attackers gain access to kubernetes clusters, how do they discover weaknesses that can be exploited to gain access to cluster resources and then move to gaining additional visibility within the cluster using their “Attacker in a Pod” status. We will look at the tactics and techniques that an attacker would use to evaluate and attack a Kubernetes environment and map their progress with the Kubernetes MITRE ATT&CK Framework created by Microsoft (https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/).
The talk will have real world examples taken from public hacks and examples from our Kubernetes pentest engagements.
The conference will go on till March 25th 2021 as new speakers will be doing talks every week or so. For the full list of talks take a look at ttps://kubesec.aquasec.com/enterprise_online_na_2021
Fill the form at https://kubesec.aquasec.com/enterprise_online_na_2021#register and you are good to go!
Cheers!
