YoVDO

Living off the Land Techniques in Managed Kubernetes Clusters

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Kubernetes Courses Cloud Security Courses Threat Detection Courses Lateral Movement Courses RBAC Courses Webhooks Courses Fluent Bit Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore Living off the Land (LotL) techniques in managed Kubernetes clusters through this informative conference talk. Delve into the compromises and security challenges introduced by managed Kubernetes services, focusing on CSP-specific cluster middleware that expands the attack surface. Learn about a series of LotL techniques that exploit middleware functionality to elevate RBAC privileges, move laterally, bypass security controls, and evade detection. Discover examples such as abusing fluent-bit for PI exfiltration, achieving cluster admin via obscure system node-problem-detector host services, and leveraging webhooks for persistency. Gain insights into the taxonomy of these techniques, their relation to CISA guidance, and their mapping onto the Kubernetes threat matrix. Understand the implications for security teams and the difficulties in distinguishing between legitimate component behavior and malicious activities in managed Kubernetes environments.

Syllabus

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Microsoft Azure Developer: Implement User Authentication and Authorization
Pluralsight Building Authorization in Azure Active Directory for Developers
Pluralsight Configuring Virtual Machines in Microsoft Azure
Pluralsight Microsoft Azure Security Engineer: Configure Secure Access Using Azure AD
Pluralsight Managing and Monitoring Access on AWS
Pluralsight