Mish-Mesh: Abusing the Service Mesh to Compromise Kubernetes Environments
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Learn how to identify and protect against service mesh vulnerabilities in Kubernetes environments through this technical conference talk. Explore real-world examples of how common misconfigurations and insecure features in popular solutions like Linkerd and Istio can be exploited to escalate low-severity vulnerabilities into critical service takeovers. Discover actual cases from major cloud service providers where these security gaps enabled unauthorized access to internal systems and sensitive data. Gain practical knowledge for both engineering and security teams on properly configuring service mesh deployments as security barriers, implementing effective defense strategies, and understanding new techniques for testing Kubernetes environment security.
Syllabus
Mish-Mesh: Abusing the Service Mesh to Compromise Kubernetes Envir... Hillai Ben-Sasson & Nir Ohfeld
Taught by
CNCF [Cloud Native Computing Foundation]