DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security

less than 1 minute read

Abstract

See how to use kube-hunter to run penetration tests on your Kubernetes clusters, and reveal misconfigurations that might leave you open to attack! Kube-hunter is an open source tool that simulates what a hacker might do when trying to attack a deployment. We’ll discuss the motivations behind the project, and some interesting aspects of how it is implemented. There will be plenty of demos, including: - Testing for the basics, like an unsecured Kubelet API - Simulating an attack from within a compromised container - Re-using credentials from a compromised container You’ll need a basic understanding of Kubernetes components, and with using curl to issue API requests. You’ll leave this talk ready to test your own cluster, and with new insights into the possible routes that an attacker might attempt. Perhaps you’ll even be inspired to submit a new Hunter to the project!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google