Explore the concept of Trampoline Pods and their potential security risks in Kubernetes environments through this informative conference talk. Delve into the world of container escapes and learn how attackers can exploit powerful pods to launch devastating attacks against clusters. Discover how popular Kubernetes platforms inadvertently install these high-risk pods and the implications for cluster security. Gain insights into mitigations and prevention strategies, including the introduction of rbac-police, a tool designed to detect Trampoline Pods and Kubernetes privilege escalations. Witness live demonstrations of exploits and understand the importance of containing container escapes to protect your entire cluster from potential takeovers.
Trampoline Pods: Node to Admin Privilege Escalation in Popular Kubernetes Platforms
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Trampoline Pods: Node to Admin PrivEsc Built Into Popular K8s Plat... Yuval Avrahami & Shaul Ben Hai
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Kubernetes for Developers: Integrating Volumes and Using Multi-container Pods
-
Kubernetes Privilege Escalation - Container Escape Equals Cluster Admin
-
Kubernetes Security Blind Spot - Misconfigured System Pods
-
Kubernetes for the Virtualization Admin - Conf42 Kube Native 2023
-
Security Practices for Kubernetes Cluster Administrators - Redteam Views
-
K8s Post-Exploitation: Privilege Escalation, Sidecar Container Injection, and Runtime Security
