Rooting out security risks lurking in your kubernetes ecosystem
The goal of this talk is to broaden the awareness of the how and why Kubernetes attacks and escapes work and measures to secure the clusters.
- Starting from a brief tour of the Kubernetes ecosystem
- covering in-depth defense mechanisms for multiple critical resources
- Then looking at cloud Native threat modelling scenarios using the tool(demo)
- Demo on a vulnerable and secured infrastructure with the tool
- Demo on continuous monitoring and alerting techniques
- Sharing the slides, playground setup and the tool with the audience
- Question and Answers
Takeaway
- Take home advanced actionable techniques to threat model and secure your Kubernetes clusters.
- A commercial grade open source tool for scanning and alerting for Kubernetes security issues
- A self hosted production grade Kubernetes playground with pure Kubernetes misconfigurations
- A digital guide of the content presented
More about Vasant Chinnipilli
Vasant is a security enthusiast and speaker, currently working as a Security Architect and DevSecOps Practitioner.
His technical abilities span a wide range of technologies across various domains of information security including cloud and container security and penetration testing. He is keen about cloud and cloud native security, devsecops and security automation.
He is passionate about bridging the gap between the security and DevOps teams through finding effective ways to integrate security in the devops processes and allow security tools to flow freely through DevOps pipelines.
He is also the developer of Kubestriker, an open source, platform agnostic security auditing tool, specially designed to secure the cloudnative and tackle Kuberenetes cluster security issues. This tool has been showcased in various conferences including Blackhat, Devseccon and DefCon.