Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Live Security Hack - Hack My Mis-configured Kubernetes

Linux Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a live security hack demonstration that exposes vulnerabilities in a misconfigured Kubernetes cluster. Witness how an attacker can escalate privileges from a vulnerable web application to gaining full control of the entire cluster. Learn about the attacker's thought process, timeline of exploitation, and critical vulnerabilities such as environment variables, service tokens, and directory traversal. Discover essential security measures including secure namespaces, readonly root file systems, and proper network configurations. Gain insights into container primitives, critical execution paths, and the importance of changing default settings. Understand the principles of confidentiality, availability, and integrity in Kubernetes security. Apply these lessons to strengthen your own cluster's defenses and prevent potential attacks.

Syllabus

Introduction
Demo Overview
Thought Process
What We Know
Timeline of Doom
Environment Variables
Network Information
Service Token
Update Timeline
Directory traversal vulnerability
Access Matrix
Secure namespace
Security boundary
Readonly root file system
Spawn root pod
Spawn nonroot container
Exploring the network
Update
Hack with new token
That was awesome
Confidentiality Availability Integrity
Container Primitives
Container Image
Critical Execution Path
Change Defaults
Be Careful With Your Code

Taught by

Linux Foundation

Reviews

Start your review of Live Security Hack - Hack My Mis-configured Kubernetes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.