Name: Advanced Persistence Threats: The Future of Kubernetes Attacks - Ian Coldwater, Heroku & Brad Geesaman, Brad Geesaman Consulting
Start: 2020-08-20T18:50:00+0200
End: 2020-08-20T19:25:00+0200

Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Back To Schedule

Advanced Persistence Threats: The Future of Kubernetes Attacks - Ian Coldwater, Heroku & Brad Geesaman, Brad Geesaman Consulting

Feedback form is now closed.

What would happen if your cluster was successfully compromised by an attacker who understands Kubernetes at a deep level? How could they attempt to avoid detection, cover their tracks, achieve full cluster access, obtain persistence, steal credentials, and launch additional attacks in your environment? As Kubernetes grows in popularity, the sophistication of attackers will improve, and security by obscurity will no longer be sufficient. Cluster operators need to be aware of what a skilled and knowledgeable attacker can be capable of.

Let’s explore the dark corners of clusters and shine a light on how features such as ephemeral containers and validating webhooks can be used to maliciously mutate pods, exfiltrate data, deploy “shadow” control planes, and more. The audience will learn how to detect these advanced approaches and how to prevent these attacks using practical, proven methods.

Speakers

Brad Geesaman

Kubernetes Security Consultant, Darkbit

Brad Geesaman is a Co-founder of Darkbit and helps clients improve the security of their clusters in cloud-native environments. When he’s not educating others on the security risks inherent in complex distributed systems, he enjoys spending time with his family in Virginia, eating... Read More →

Ian Coldwater

Security Architect, Twilio

Ian Coldwater is co-chair of Kubernetes SIG Security, a CNCF Ambassador, and a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud-native infrastructure. In their spare time, they like to go roller skating, participate in Capture the Flag competitions... Read More →

Advanced Persistence Threats Ian Coldwater & Brad Geesaman pdf

CLOSE CAPTION TRANSCRIPTS QPGD 2600 txt

Thursday August 20, 2020 18:50 - 19:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/auUgVullAWM

KubeCon + CloudNativeCon Europe 2020

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Brad Geesaman

Ian Coldwater