K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore post-exploitation scenarios in Kubernetes through this informative conference talk. Discover how attackers can remain undetected after compromising a K8s cluster, starting from a compromised pod and progressing through various privilege escalation methods. Learn about the innovative sidecar container injection technique, which allows attackers to inject malware or deploy new containers while maintaining stealth. Gain insights into leveraging audit logs, indicators of compromise, and security features to detect these scenarios, and understand how to utilize runtime security tools to deploy rules for attack detection. Enhance your understanding of Kubernetes security and post-exploitation techniques in this 33-minute presentation by Magno Logan from GoHacking, delivered at a CNCF event.
Syllabus
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime... Magno Logan
Taught by
CNCF [Cloud Native Computing Foundation]