Kubernetes Attack and Defense - Inception-Style
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Dive into a demo-heavy exploration of Kubernetes security vulnerabilities and defenses, mirroring the plot of the movie Inception. Witness a series of sophisticated attacks, including a software update poisoning, service interception, public cloud API exploitation, and pod security policy evasion. Learn how to implement robust defenses using OPA/Gatekeeper as an alternative to pod security policies. Gain hands-on experience with the open-source Bustakube cluster, allowing you to practice the demonstrated attack and defense scenarios. Follow along as the presenter navigates through stages of intrusion, from initial compromise to cloud-level attacks, while highlighting crucial checkpoints and defensive strategies along the way.
Syllabus
Intro
Overview
Demo
Attack
Flag
CheckPosition
Stage
Service Count Token
Cloud Attack
Taught by
CNCF [Cloud Native Computing Foundation]