Hacking Containers, Kubernetes and Clouds

Explore the vulnerabilities in container security, Kubernetes clusters, and cloud environments in this 26-minute conference talk. Discover how tokens, often carelessly left exposed, can be exploited to gain unauthorized access to powerful systems. Follow along as the speaker demonstrates a real-world attack on an OpenShift cluster that meets NIST and CIS security standards. Learn how hijacking a single container can lead to full cluster control, host access, and even compromise cloud resources. Gain insights into the far-reaching consequences of token mismanagement in cloud environments, including the potential to manipulate virtual machines, storage, and derived accounts. Access additional open-source training materials on Kubernetes security to further enhance your understanding of these critical issues.

Hacking Containers, Kubernetes and Clouds