Overview
Explore advanced persistence threats and sophisticated attacks on Kubernetes in this 47-minute RSA Conference talk. Delve into the potential capabilities of attackers with deep Kubernetes knowledge as Ian Coldwater and Brad Geesaman uncover new advanced attack techniques. Learn practical methods for detecting and preventing these threats, examining dark corners of clusters and shedding light on emerging security challenges. Gain insights into Kubernetes architecture, cloud-native computing, and the evolving landscape of container security. Witness demonstrations of validating webhooks, K3S usage, and exploit techniques. Understand the importance of audit logs and discover resources for securing Kubernetes environments. Suitable for those familiar with Linux, networking fundamentals, containers, and Kubernetes basics.
Syllabus
Introduction
Questions
Kubernetes
Kubernetes Architecture
Cloud Native Computing Foundation
Additional Features
Everyone Needs to Level Up
Kubernetes is a Fastpaced Project
Kubernetes Versions
The Landscape
Attacker Mindset
Demo
Validating Webhook
Custom Webhooks
Demo Validating Webhooks
Managing Kubernetes Providers
StackDriver
StackDriver Example
The Real API Server
What is K3S
How to use K3S
Demonstration
Upcoming Kubernetes Features
Couplet Exploit
Demo of Exploit
Review Audit Logs
Secure Kubernetes
Resources
Taught by
RSA Conference