Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Bypassing Falco - How to Compromise a Cluster without Tripping the SOC

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore advanced techniques for bypassing Falco, a popular runtime security tool for Kubernetes, in this 34-minute conference talk by Shay Berkovich from BlackBerry. Discover nine different classes of bypasses, including seven novel methods, that allow for stealthy target enumeration, privilege escalation, and lateral movement within a cluster. Learn how to leverage a specially designed container image and code snippets to automate these bypasses. Witness a practical demonstration of applying these techniques to compromise a secure Kubernetes cluster without alerting security operations. Gain valuable insights into the limitations of current security tools and understand the evolving landscape of Kubernetes security challenges.

Syllabus

Bypassing Falco: How to Compromise a Cluster without Tripping the SOC - Shay Berkovich, BlackBerry

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Bypassing Falco - How to Compromise a Cluster without Tripping the SOC

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.