Hack my mis-configured Kubernetes
Or Kamara at All The Talks 2020 - Cloud native/container
In the last few years we've seen more and more responsibilities shift left - to development teams. With the widespread adoption of Kubernetes, we're now seeing configurations become a developer issue first and foremost. This responsibility means that developers need to be aware of the security risks involved in their configurations.
Just by themselves those configuration security risks might not be so harmful. But with other vulnerable components in the production environment, like the libraries used in the application, or a malicious container, potential attackers can build a multi-steps attack vector, using all of these risks together. As developers, we should give the necessary attention to those risks, and make sure that our applications and clusters are as secure as possible.
In this hands-on presentation, we’ll demonstrate some of the key security issues that affect your Kubernetes configuration, including:
SecurityContext pitfalls like Privileged pods
Running pods without resource limitations
We’ll explain what they actually mean, what an attacker can do to your cluster and how you can fix them.
Or Kamara
Software Development Team Lead at Snyk
Or Kamara is a software development team lead at Snyk, a developer-first security company that helps organizations use open source and stay secure.
Or has led the development of complex cyber security projects, and has over ten years experience in software engineering, research, and project management.
Prior to Snyk, Or served as a senior security researcher & developer and as a team lead at the Government of Israel.
Just by themselves those configuration security risks might not be so harmful. But with other vulnerable components in the production environment, like the libraries used in the application, or a malicious container, potential attackers can build a multi-steps attack vector, using all of these risks together. As developers, we should give the necessary attention to those risks, and make sure that our applications and clusters are as secure as possible.
In this hands-on presentation, we’ll demonstrate some of the key security issues that affect your Kubernetes configuration, including:
SecurityContext pitfalls like Privileged pods
Running pods without resource limitations
We’ll explain what they actually mean, what an attacker can do to your cluster and how you can fix them.
Or Kamara
Software Development Team Lead at Snyk
Or Kamara is a software development team lead at Snyk, a developer-first security company that helps organizations use open source and stay secure.
Or has led the development of complex cyber security projects, and has over ten years experience in software engineering, research, and project management.
Prior to Snyk, Or served as a senior security researcher & developer and as a team lead at the Government of Israel.