The Attacker Perspective - Insights From Hacking Alibaba Cloud's Managed Kubernetes Environments
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore a real-life case study of an attack on a managed Kubernetes environment in this 32-minute conference talk from KubeCon + CloudNativeCon. Follow the step-by-step engagement with Alibaba Cloud's managed K8s environments, starting as an external user and progressing through code execution, privilege escalation, container escape, lateral movement, and ultimately gaining unauthorized access to other customers' databases. Gain valuable insights into how small configuration errors can be chained together to lead to a complete compromise of a managed cluster. Learn from this attacker's perspective to strengthen your own deployments and enhance your organization's security posture in managed Kubernetes environments.
Syllabus
The Attacker Perspective - Insights From Hacking Alibaba Cloud... Hillai Ben-Sasson & Ronen Shustin
Taught by
CNCF [Cloud Native Computing Foundation]