Explore the vulnerabilities in container security, Kubernetes clusters, and cloud environments in this 26-minute conference talk. Discover how tokens, often carelessly left exposed, can be exploited to gain unauthorized access to powerful systems. Follow along as the speaker demonstrates a real-world attack on an OpenShift cluster that meets NIST and CIS security standards. Learn how hijacking a single container can lead to full cluster control, host access, and even compromise cloud resources. Gain insights into the far-reaching consequences of token mismanagement in cloud environments, including the potential to manipulate virtual machines, storage, and derived accounts. Access additional open-source training materials on Kubernetes security to further enhance your understanding of these critical issues.
Overview
Syllabus
Hacking Containers, Kubernetes and Clouds
Taught by
media.ccc.de
Related Courses
-
Introduction to Containers, Kubernetes and OpenShift
-
Kubernetes Security: Minimizing Microservice Vulnerabilities
-
Red Hat Certified Specialist in OpenShift Administration: Managing Users, Policies, and Resource Access
-
Deploy containers by using Azure Kubernetes Service (AKS)
-
Monitoring Container Operations in Oracle Cloud Container Engine for Kubernetes
-
Google Kubernetes Engine Deep Dive
