Learn about critical security vulnerabilities in GitOps systems through a conference talk that examines CVE-2024-31989, a significant vulnerability discovered in Argo. Explore how default configurations can lead to privilege escalation and complete cluster takeover, using real-world examples from popular open-source projects. Discover common misconfiguration pitfalls that can result in data theft and compromised Kubernetes clusters, while gaining practical knowledge about implementing proper security measures. Obtain valuable tools and a comprehensive guide for protecting GitOps deployments against potential security threats and privilege escalation attacks.
GitOps System Security - Protecting Against Privilege Escalation
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
GitOops... I Did It Again! Protecting Your GitOps System from Being Use... Oreen Livni & Elad Pticha
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Argo CD and GitOps Security: Exploiting Redis Vulnerability in Kubernetes Clusters
-
Kubernetes Security Blind Spot - Misconfigured System Pods
-
Secure Multicluster Istio Configuration Using GitOps Patterns
-
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime Security
-
The Journey from ClickOps to GitOps at Ford with Red Hat
-
Auditing Kubernetes Users: Tracking Security Holes
