Security Attacks in Kubernetes Cluster Due to Security Best Practices Violation
CAE in Cybersecurity Community via YouTube
Overview
Syllabus
Intro
Overview of application Infrastructure
Development and Operations
Virtualized Deployment
Containerized Deployment
Evolution of Application Deployment
Why Container Orchestration?
What is Kubernetes
Kubernetes Architecture
Kubernetes Usage and Benefits
Kubernetes Developer Community
Practitioners Security Concerns in Kubernetes
Security Attacks in Kubernetes Cluster
Multi-vocal Literature Review of Kubernetes
Multi-vocal Literature Review (Kubernetes Challenges)
Multi-vocal Literature Review (Current Kubernetes Research)
Security Defects in Kubernetes Manifests
Kubernetes Security Best Practices
Threat Model for misconfigured RBAC
Attacks for Misconfigured RBAC
Threat Model for misconfigured Pod
Attack for misconfigured pod
Attack in the Default Namespace
Threat Model for Network Policy
Possible Attacks for Undefined Network Policy
Threat Model for ETCD secret
Attack for Unencrypted ETCD
Threat Model for Resource Limit
Attacks for Resource Limit
Conclusion and Future Work
Summary
Questions
Taught by
CAE in Cybersecurity Community