Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Attacking Cloud Native Kubernetes With CDK

Hack In The Box Security Conference via YouTube

Overview

Explore advanced techniques for attacking cloud-native Kubernetes environments in this 33-minute conference talk from the Hack In The Box Security Conference. Dive into the world of container security as experts Zebin Zhou and Yue Xu demonstrate step-by-step methods for compromising and taking over cloud-native Kubernetes clusters. Learn about the potential weaknesses in container isolation and how to exploit them, particularly in multi-tenant serverless and Container-as-a-Service (CaaS) offerings. Discover best practices for Kubernetes red teaming, including state-of-the-art attack techniques illustrated through real-world case studies. Get introduced to the Container Penetration Toolkit (CDK), an open-source tool designed to facilitate container escapes and Kubernetes cluster takeovers. Witness a full-chain attack demonstration using CDK and gain insights into container security, incident response, and the intricacies of cloud infrastructure vulnerabilities.

Syllabus

Introduction
Agenda
Right Teams
Shell
Kubernetes Network
Container Escape
Other Kubernetes gods
Two simple examples
Point to a service
Host discovery and pod scanning
Why istio special
Results
Cloud Native API Gateway
Container escaping
Real World Case
Red Team
CDK
Connect logs
Tips
CDK Automation

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Attacking Cloud Native Kubernetes With CDK

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.