Hacking and Hardening Kubernetes Clusters Using Examples [I] – Brad Geesaman, Symantec

Hacking and Hardening Kubernetes Clusters Using Examples [I] – Brad Geesaman, Symantec

HomeCNCF [Cloud Native Computing Foundation]Hacking and Hardening Kubernetes Clusters Using Examples [I] – Brad Geesaman, Symantec
CNCF [Cloud Native Computing Foundation] Available on Youtube Published 7 years ago
Hacking and Hardening Kubernetes Clusters Using Examples [I] – Brad Geesaman, Symantec
ChannelPublish DateThumbnail & View CountDownload Video
Channel AvatarPublish Date not found Thumbnail
0 Views
View on YouTube Download Video
Hacking and Hardening Kubernetes Clusters Using Examples [I] – Brad Geesaman, Symantec

While Kubernetes offers new and exciting ways to deploy and scale container-based workloads in production, many organizations may be unaware of the security risks inherent in the out-of-the-box state of most Kubernetes installations and common practices for deploying workloads that can lead to unintentional compromises. Join Brad Geesaman, lead of the Cyber Skills Development team at Symantec, on an insightful journey examining real-world compromises and sensitive data leaks that can occur in a Kubernetes cluster, highlighting the configurations that led to their success, applying practical applications of the latest built-in security features and policies to prevent these attacks, and providing actionable steps for future detection.

Hardening measures taken in response to the attacks demonstrated include policies to improve configurations installed by common deployment tools, secure container sources, implement firewall and network plugin policies, isolate workloads with namespaces and labels, control container security contexts, better handle secrets and environment variables, restrict API server access, examine audit logs for malicious attack patterns, and more.

About Brad Geesaman
Brad most recently served as a Cyber Skills Development Engineering Lead at Symantec Corporation, where he supported the operation and delivery of learning simulations on Ethical Hacking on Kubernetes in AWS. Although he has worked as a penetration tester for several years, his true passion is educating others about the real-world security risks inherent in complex infrastructure systems through demonstrations followed by practical, actionable advice on detection and prevention.
Join us at KubeCon + CloudNativeCon May 20-23 in Barcelona, June 24-26 in Shanghai, and November 18-21 in San Diego! For more information, visit https://kubecon.io. The conference will feature presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all other CNCF-hosted projects.

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.