Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

From the Cluster to the Cloud: Lateral Movements in Kubernetes

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore novel techniques used in recent real-world attacks that enabled adversaries to move laterally from a container in a Kubernetes cluster to external cloud resources in this 36-minute conference talk. Delve into inner-cluster lateral movement, focusing on Kubernetes RBAC configurations that unexpectedly allowed such movements and served as the root cause of vulnerabilities in containerized applications. Learn how to identify these activities using native Kubernetes tools. Examine cluster-to-cloud lateral movement, with emphasis on cluster-to-cloud authentication methods employed by major cloud providers like Azure, AWS, and GCP. Understand the three main authentication approaches: direct/modified access to IMDS, using Kubernetes as an OIDC identity provider, and storing credentials on underlying nodes. Analyze real-world incidents of cloud environment takeovers originating from Kubernetes clusters, and discover methods to prevent and detect such activities.

Syllabus

From the Cluster to the Cloud: Lateral Movements in Kubernetes - Yossi Weizman & Ram Pliskin

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of From the Cluster to the Cloud: Lateral Movements in Kubernetes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.