Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Living off the Land Techniques in Managed Kubernetes Clusters

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore Living off the Land (LotL) techniques in managed Kubernetes clusters through this informative conference talk. Delve into the compromises and security challenges introduced by managed Kubernetes services, focusing on CSP-specific cluster middleware that expands the attack surface. Learn about a series of LotL techniques that exploit middleware functionality to elevate RBAC privileges, move laterally, bypass security controls, and evade detection. Discover examples such as abusing fluent-bit for PI exfiltration, achieving cluster admin via obscure system node-problem-detector host services, and leveraging webhooks for persistency. Gain insights into the taxonomy of these techniques, their relation to CISA guidance, and their mapping onto the Kubernetes threat matrix. Understand the implications for security teams and the difficulties in distinguishing between legitimate component behavior and malicious activities in managed Kubernetes environments.

Syllabus

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Living off the Land Techniques in Managed Kubernetes Clusters

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.