Cluster Grey Zone - Risks in Managed Cluster Middleware
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the security risks associated with Managed Cluster Middleware (MCM) in cloud-managed Kubernetes services in this 30-minute conference talk by Shay Berkovich and Barak Sharoni from Wiz. Delve into the less-documented components automatically deployed by Cloud Service Providers (CSPs) on worker nodes, and understand their potential impact on cluster security. Learn about the additional threat surface introduced by MCM, including high privileges, network exposure, and vulnerabilities. Discover why MCM can be an attractive target for attackers and why it's often overlooked by scanners and configuration tools. Gain insights on how to adjust your Kubernetes threat model based on this research, building upon previous findings on cloud grey zones.
Syllabus
Cluster Grey Zone: Risks in Managed Cluster Middleware - Shay Berkovich & Barak Sharoni, Wiz
Taught by
CNCF [Cloud Native Computing Foundation]