Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, August 18 • 13:00 - 13:35
How This Innocent Image Had a Party in My Cluster - Amir Jerbi & Itay Shakury, Aqua Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As security practices and tools for scanning container images are becoming increasingly popular, malicious actors are introducing sophisticated techniques to obfuscate their intent and evade scanning tools. The malware they plant cannot be detected using static analysis, or based on signatures. But dynamic analysis that runs the image, and then traces the activity of the running container can detect and document the entire multi-stage attack.

In this talk, we will review the evolution of these attacks as observed by Aqua’s security research team, and demonstrate the full chain of events and IoCs (indicators if compromise) that were detected. We will give practical advice on what developers and cluster admins should do to detect similar techniques, and the security controls the should be employed to reduce the chances of such an attack succeeding, as well as reduce its potential impact.

avatar for Itay Shakury

Itay Shakury

VP Open Source, Aqua Security
Itay Shakury is the VP of Open Source at Aqua Security, where he leads engineering for open source, cloud native security solutions. Itay has some 20 years of professional experience in various software development, architecture and product management roles. Itay is also a CNCF Cloud... Read More →
avatar for Amir Jerbi

Amir Jerbi

Co-founder and CTO, Aqua Security
Amir is the co-founder and CTO of Aqua Security, which he started 4 years ago. Before joining Aqua , he was the Chief Architect at CA Technologies and has 14 cloud and virtual security related patents and published papers. Amir is the co-organizer of the Tel Aviv Cloud Native Computing... Read More →

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259