Conference:  RSA Conference 2023
Authors: Yossi Weizman
2023-04-24

As Kubernetes clusters usually reside in the cloud, access to a container in the cluster can be a foothold to the entire cloud workload. In this session we will dive into Kubernetes lateral movements. We will elaborate on the different methods attackers can use to move from a workload in the cluster to external cloud resources. We will share practical tools to mitigate and detect those threats.
Conference:  RSA Conference 2023
Authors: Jay Beale, Alana Trimble
2023-04-24

Kubernetes continues to gain adoption. One sign of its rapid growth is that more than five million developers are using it. Many companies don't yet have the most hardened clusters, particularly those in the early phases of their use. This session will demonstrate attacks on the DEF CON Kubernetes Capture the Flag (CTF) cluster, then teach attendees how to detect those attacks and defend against them.
Conference:  RSA Conference 2023
Authors: Omer Azaria
2023-04-24

Kubernetes and containers are popular, but where are the major security incidents? Are attackers ignoring these systems? Are they happening but just going undetected? Or do they happen differently than expected? This session will examine these questions and how attacks against containerized workflows are likely to occur and what should be done.
Conference:  RSA Conference 2023
Authors: Brandon Evans
2023-04-24

In theory, "cloud native" technologies like containers and Kubernetes should enable teams to implement consistent security controls. In reality, K8s security depends on the engine used, be it Amazon's EKS, Azure's AKS, or Google's GKE. This session will empower attendees to build and defend applications that are not cloud agnostic or cloud devout, but are truly cloud consistent.
Conference:  RSA Conference 2023
Authors: Tracy Walker
2023-04-24

Do buzzwords like "Zero Trust" trigger vendor fatigue and anxiety? If so, then feel safe and secure with a demonstration of actual, automated Zero Trust security policies that are enforceable at network and process layers! This session will discuss Open Zero Trust, a new open-source project that enables innovative security automation independent of Kubernetes to auto-create Zero Trust security policies.
Conference:  RSA Conference 2023
Authors: Michael Coden, Dr. Michael Stonebraker
2023-04-24

An open source multi-node OS approach built on a DBMS foundation replaces Linux, Kubernetes and many security add-ons. All state is in the DBMS, exact provenance of all OS and data events is built-in using change capture, enabling next-gen monitoring and resilience properties. We show the architecture and demo the OS self-detecting & self-recovering from a successful ransomware attack in seconds. 
Authors: Ben Hirschberg
2023-02-16

tldr - powered by Generative AI

The presentation discusses the state of Kubernetes risk, compliance, and security vulnerabilities based on the analysis of telemetry data from Kubescape, an open source tool that has scanned over 10K+ unique Kubernetes clusters. The talk sheds light on the most common misconfigurations, known software vulnerabilities, and RBAC violations in Kubernetes deployments, and provides insights on why and where Kubernetes deployments most commonly fail and statistics on which controls fail most. The presentation also offers simple measures to work towards eliminating these risks and improving overall cloud native security posture.
  • Telemetry data from Kubescape reveals a high number of misconfigurations, unpatched vulnerabilities, and overly-privileged users in Kubernetes systems
  • The talk highlights the most common misconfigurations across Kubernetes deployments according to multiple frameworks, known software vulnerabilities, and RBAC violations at early stages of the CI/CD pipeline
  • The presentation provides insights on why and where Kubernetes deployments most commonly fail and statistics on which controls fail most
  • Simple measures are offered to work towards eliminating these risks and improving overall cloud native security posture
Authors: Jimmy Mesta
2022-10-25

tldr - powered by Generative AI

The OWASP Top Ten for Kubernetes is a community-curated list of the most common Kubernetes risks backed by data collected from organizations varying in maturity and complexity. The project aims to help practitioners assess and secure the security of their containerized infrastructure.
  • The OWASP community has published a number of projects to help practitioners assess and secure the security of their containerized infrastructure
  • The OWASP Top Ten for Kubernetes is a community-curated list of the most common Kubernetes risks
  • The project is backed by data collected from organizations varying in maturity and complexity
  • The project aims to help practitioners assess and secure the security of their containerized infrastructure
Authors: Tobin Feldman-Fitzthum, Mikko Ylinen
2022-10-25

Typical data protection ensures data is encrypted while in transit and at rest. Confidential computing (CC) adds data protection while data is in use, in memory, enabling end-to-end protection. Highly regulated industries such as finance and health care are driving the market for CC. Cloud service providers are adding CC capabilities in their offerings. In parallel the open-source cloud native ecosystem is seeing more new projects and start-ups building upon CC. For instance, the CNCF recently accepted the sandbox project Confidential Containers with active participation from different hardware and software vendors and CSPs. In this workshop we will talk about CC in cloud native. We will start by giving an overview of CC and a detailed introduction to the Confidential Containers project and its building blocks. Next, we walk the audience through detailed steps to get the Confidential Containers environment set up. Finally, we want to leave some time for interactive discussion with the audience about cloud native use cases and CC.
Authors: Mritunjay Sharma, Shuting Zhao, Ruhika Bulani
2022-10-25

tldr - powered by Generative AI

The panel discussion focuses on the intersection of Kyverno and DockerSlim in making Kubernetes workloads more secure.
  • Containers have become the norm as cloud adoption increases sharply.
  • Developers face challenges in making containers production-ready and secure.
  • Kyverno and DockerSlim are two projects that address these challenges.
  • Kyverno provides policies that act as a contract for shared environments like Kubernetes.
  • DockerSlim helps in minifying container images and automating the creation of AppArmor and SecComp profiles.
  • The combination of Kyverno and DockerSlim makes cluster security management easier and more efficient.