Explore post-exploitation scenarios in Kubernetes through this informative conference talk. Discover how attackers can remain undetected after compromising a K8s cluster, starting from a compromised pod and progressing through various privilege escalation methods. Learn about the innovative sidecar container injection technique, which allows attackers to inject malware or deploy new containers while maintaining stealth. Gain insights into leveraging audit logs, indicators of compromise, and security features to detect these scenarios, and understand how to utilize runtime security tools to deploy rules for attack detection. Enhance your understanding of Kubernetes security and post-exploitation techniques in this 33-minute presentation by Magno Logan from GoHacking, delivered at a CNCF event.
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime... Magno Logan
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Implementing Container Privilege Escalation Detection Using eBPF for Cloud Native Security
-
Kubernetes Privilege Escalation - Container Escape Equals Cluster Admin
-
Kubernetes Security: Attacking and Defending K8s Clusters
-
Kubernetes Privilege Escalation Tactics - Understanding and Mitigating Vulnerabilities
-
Security Practices for Kubernetes Cluster Administrators - Redteam Views
-
Hack My Mis-Configured Kubernetes: Security Vulnerabilities and Best Practices
