Kubernetes from a Attacker's Perspective

Welcome to OWASP Bay Area's YouTube!

To contribute to Hacker Thursday as a speaker or would like to host us, email us at owaspht[at]gmail[dot].com or drop a DM at @owaspbayarea on instagram!

------------------------------

Kubernetes is everywhere, a container orchestration platform that is actively supported by all major cloud providers and adopted by companies across size and scale. However, the distributed nature of the system at its core has new and interesting security implications that cannot be tested using conventional tools and techniques.

This talk is aimed for anyone interested in exploring the depths of Kubernetes security from an attacker's perspective including DevSecOps Teams looking to defend against attacker tools and techniques.

The session will provide a high-level overview of Kubernetes architecture from an attacker's perspective i.e. what can be attacked. Subsequently look at, through demos, modern attacker tools and techniques using various real-world scenarios for attacking applications and components in a Kubernetes cluster.

Outline
- Attacker's intro to Kubernetes
- Kubernetes attack surfaces (Threat Model)
- Attacker in a Pod (Starting Point)
- Attack scenarios (live)
- Cloud infrastructure attack surface in Kubernetes (GKE)
- Namespace breakout using hostPath volume mounts

Speaker:
Abhishek has over 10 years experience doing security research, security services including penetration testing, source code review, training etc. He is currently working as the Head of Technology at Appsecco, where his core area of focus is building security automation platforms using cloud-native solutions. He is credited with multiple vulnerability discoveries across enterprise products with CVEs to his name such as CVE[masked], CVE[masked], CVE-2015- 1682, CVE[masked], CVE[masked], CVE[masked], CVE[masked]. As an open source software contributor, he has developed or contributed to multiple projects including Wireplay, Penovox, HiDump, RbWinDBG.