Kubernetes Security Blind Spot: Misconfigured System Pods - Shaul Ben Hai, Palo Alto Networks

less than 1 minute read

Abstract

Misconfigurations are a serious security threat to Kubernetes clusters - services with overly permissive permissions can allow an attacker to gain unauthorized access to the cluster, steal data, or deploy malicious code. The risk increases when we talk about misconfigurations in built-in features of cloud vendors - these features are often trusted by users and are not typically inspected for any security misconfigurations. Sometimes a certain misconfiguration is not necessarily a security issue that can affect our protected cloud environment. However, chaining several misconfigurations can lead to the creation of a strong exploit chain. In this talk, Shaul will discuss about Kubernetes security blind spot, System Pods, and the security consequences of a misconfiguration in those pods. He will demonstrate a real case study of a dual privilege escalation chain that was found in default configurations of GKE that allow attackers to gain unauthorized access to Kubernetes clusters.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Kubernetes Security Blind Spot: Misconfigured System Pods - Shaul Ben Hai, Palo Alto Networks

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google