GitOps System Security - Protecting Against Privilege Escalation
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Learn about critical security vulnerabilities in GitOps systems through a conference talk that examines CVE-2024-31989, a significant vulnerability discovered in Argo. Explore how default configurations can lead to privilege escalation and complete cluster takeover, using real-world examples from popular open-source projects. Discover common misconfiguration pitfalls that can result in data theft and compromised Kubernetes clusters, while gaining practical knowledge about implementing proper security measures. Obtain valuable tools and a comprehensive guide for protecting GitOps deployments against potential security threats and privilege escalation attacks.
Syllabus
GitOops... I Did It Again! Protecting Your GitOps System from Being Use... Oreen Livni & Elad Pticha
Taught by
CNCF [Cloud Native Computing Foundation]