Mastering the art of Attacking and Defending a Kubernetes Cluster
|
Abstract
Many organisations that have adopted a cloud-native stack are under the misinterpretation that the security of Kubernetes (K8s) clusters fall within the remit of cloud service providers. This misconception leads them to believe that either cluster offensive security is not required, or is considered a low priority exercise. As a result, organisations are not fully aware of the business value-add and significance associated with engaging in offensive security testing for K8s cluster. In my investigations across multiple organisations, it was observed that there is an underestimation regarding the potential risks associated with misconfigurations in K8s clusters and integrated components within the cloud-native stack. In this talk, I will share why organisations need to conduct offensive security assessments on K8s clusters, along with attack chains reflecting real world techniques on infiltrating and exploitation of a K8s cluster. The audience will acquire knowledge on how to attack a K8s cluster and learn about key controls that enhance the security posture of K8s cluster using defense in depth methodology. Speaker Bio: An IT security professional, a father, and an avid traveler with more than 15 years of professional experience in diverse industries such as Tier 1 banks, telecommunications giants, software development firms, Big4 consulting firms, and oil and gas companies. I specialise in conducting both offensive and defensive security assessments for Kubernetes clusters and CI/CD pipelines within cloud-native environments. My expertise extends to performing penetration tests on web applications, APIs, mobile applications, as well as network and infrastructure components. When not working, I love to go for road trips with my family, exploring destinations around the world, and playing table tennis with my son. |