Explore advanced Kubernetes security vulnerabilities and privilege escalation tactics in this 29-minute conference talk by Andrew Martin and Iain Smart from ControlPlane. Dive into the world of cloud native security, learning how rogue insiders, disgruntled developers, and external threats can exploit Kubernetes clusters. Discover techniques for escalating privileges, maintaining persistence, causing cluster-wide damage, and concealing malicious activities. Gain insights into best practices for detection and cost-effective strategies to secure your clusters. Understand critical Kubernetes vulnerabilities that SREs, security teams, and penetration testers should be aware of, along with mitigation techniques. Examine edge cases of component abuse and unusual interactions between components. Learn to identify various adversary levels and tailor defenses accordingly. Walk away with knowledge of the most economical and rapid strategies for robust cluster security in this enthralling exploration of Kubernetes privilege escalation tactics.
Kubernetes Privilege Escalation Tactics - Understanding and Mitigating Vulnerabilities
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
I'll Let Myself In: Kubernetes Privilege Escalation Tactics - Andrew Martin & Iain Smart
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
The Complete Pentesting and Privilege Escalation Course
-
Kubernetes Privilege Escalation - Container Escape Equals Cluster Admin
-
Implementing Container Privilege Escalation Detection Using eBPF for Cloud Native Security
-
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime Security
-
Kubernetes Security Blind Spot - Misconfigured System Pods
-
GitOps System Security - Protecting Against Privilege Escalation
