Trampoline Pods: Node to Admin Privilege Escalation in Popular Kubernetes Platforms
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the concept of Trampoline Pods and their potential security risks in Kubernetes environments through this informative conference talk. Delve into the world of container escapes and learn how attackers can exploit powerful pods to launch devastating attacks against clusters. Discover how popular Kubernetes platforms inadvertently install these high-risk pods and the implications for cluster security. Gain insights into mitigations and prevention strategies, including the introduction of rbac-police, a tool designed to detect Trampoline Pods and Kubernetes privilege escalations. Witness live demonstrations of exploits and understand the importance of containing container escapes to protect your entire cluster from potential takeovers.
Syllabus
Trampoline Pods: Node to Admin PrivEsc Built Into Popular K8s Plat... Yuval Avrahami & Shaul Ben Hai
Taught by
CNCF [Cloud Native Computing Foundation]