Overview
Dive deep into Kubernetes lateral movements in this 27-minute conference talk from NorthSec 2022. Explore different identity types used by Kubernetes and learn how attackers exploit these identities to escalate privileges within the cluster and move laterally to external cloud resources. Examine various cluster-to-cloud authentication methods in AKS, EKS, and GKE, along with their associated risks. Gain insights from real-world examples of misconfigurations that led to cluster takeovers and discover effective prevention strategies.
Syllabus
NSEC2022 - Yossi Weizman - From the cluster to the cloud and back to the cluster: Lat. mov. in K8s
Taught by
NorthSec