From the Cluster to the Cloud: Lateral Movements in Kubernetes
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore novel techniques used in recent real-world attacks that enabled adversaries to move laterally from a container in a Kubernetes cluster to external cloud resources in this 36-minute conference talk. Delve into inner-cluster lateral movement, focusing on Kubernetes RBAC configurations that unexpectedly allowed such movements and served as the root cause of vulnerabilities in containerized applications. Learn how to identify these activities using native Kubernetes tools. Examine cluster-to-cloud lateral movement, with emphasis on cluster-to-cloud authentication methods employed by major cloud providers like Azure, AWS, and GCP. Understand the three main authentication approaches: direct/modified access to IMDS, using Kubernetes as an OIDC identity provider, and storing credentials on underlying nodes. Analyze real-world incidents of cloud environment takeovers originating from Kubernetes clusters, and discover methods to prevent and detect such activities.
Syllabus
From the Cluster to the Cloud: Lateral Movements in Kubernetes - Yossi Weizman & Ram Pliskin
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Architecting Microsoft Azure SolutionsMicrosoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera