Advanced Persistence Threats - The Future of Kubernetes Attacks

Explore advanced persistence threats and sophisticated Kubernetes attacks in this 32-minute conference talk. Discover what could happen if a skilled attacker compromises your cluster, including techniques to avoid detection, achieve full cluster access, and maintain persistence. Learn about potential exploits using ephemeral containers and validating webhooks for malicious pod mutations and data exfiltration. Gain insights into deploying "shadow" control planes and other advanced attack methods. Understand how to detect and prevent these threats using practical, proven methods. Delve into topics such as early Kubernetes architecture, API server data flow, validating webhooks, and the differences between Kubernetes and K3s. Examine the vulnerabilities in cloud environments and explore the concept of "Cluster of Clusters" for command and control. Prepare for future attack vectors and access valuable resources to enhance your Kubernetes security posture.