Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Advanced Persistence Threats - The Future of Kubernetes Attacks

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore advanced persistence threats and sophisticated Kubernetes attacks in this 32-minute conference talk. Discover what could happen if a skilled attacker compromises your cluster, including techniques to avoid detection, achieve full cluster access, and maintain persistence. Learn about potential exploits using ephemeral containers and validating webhooks for malicious pod mutations and data exfiltration. Gain insights into deploying "shadow" control planes and other advanced attack methods. Understand how to detect and prevent these threats using practical, proven methods. Delve into topics such as early Kubernetes architecture, API server data flow, validating webhooks, and the differences between Kubernetes and K3s. Examine the vulnerabilities in cloud environments and explore the concept of "Cluster of Clusters" for command and control. Prepare for future attack vectors and access valuable resources to enhance your Kubernetes security posture.

Syllabus

ADVANCED PERSISTENCE THREATS
EARLY K8S ARCHITECTURE
GOALS What might an attacker want to do?
DEMO Tapping into the API Server Data Flow
VALIDATING WEBHOOKS . Virtual
DEMO Shadow API Server
KUBERNETES VS K3S
ALL CLOUDS ARE BROKEN
C2: CLUSTER OF CLUSTERS 23 Virtual
WHAT'S COMING
COMING FULL CIRCLE
RESOURCES

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Advanced Persistence Threats - The Future of Kubernetes Attacks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.