All Your Containers Are Belong to Us

Explore the security challenges posed by container orchestration tools in this 25-minute conference talk from BSidesSF 2019. Delve into a research study that uncovered over 20,000 publicly accessible management nodes exposed to the internet, including platforms like Kubernetes, Mesos Marathon, RedHat OpenShift, Docker Swarm, and Portainer. Learn about the implications of these findings and gain valuable recommendations for securing orchestration systems in public cloud environments. Discover the research methodology, identify the most popular cloud providers hosting containers, and explore regional trends. Witness demonstrations of potential exploits and uncover vulnerabilities in management UIs and APIs. Gain insights into securing Kubernetes dashboards, API servers, and master nodes, and learn best practices for network access control. Equip yourself with the knowledge to protect your container ecosystems and mitigate risks in the rapidly evolving landscape of cloud application deployment.

Introduction
Agenda
Why an Orchestrator
Why Kubernetes is Hot
Disclaimers
Kubernetes Dashboard
Demo
Results
Dashboard
Findings
Recommendations
API Server
Kubernetes Master
Our Findings
Our Recommendations
EtsyD
Showdown
Search
Formatting
SED
Network Access
Final Thoughts
Resources