Kubernetes Security: Attacking and Defending K8s Clusters
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore Kubernetes security through a comprehensive conference talk that delves into attacking and defending K8s clusters. Gain insights into real-world attack scenarios using actual applications, understanding Kubernetes architecture, and leveraging the K8s Threat Matrix and MITRE ATT&CK for Containers. Learn about reconnaissance, exploitation, and post-exploitation phases, and discover best practices for securing clusters based on CIS Benchmarks. Master the implementation of Role-based access control (RBAC), audit logs, and network policies to enhance cluster security and prevent lateral movement by attackers.
Syllabus
Intro
Awesome K8s Security List
MITRE ATT&CK Framework
K8s Threat Matrix by Microsoft
MITRE ATT&CK for Containers (and K8s)
Initial Access
Exploitation/Execution
kube-hunter
Internal Recon - Inspect the K8s env
Post-Exploitation / Persistence
Defending K8s
The Kube API Server
CIS Kubernetes Benchmark
Image Scanning
The Pods
Pod Security Policy (PSP)
PSP Replacement Alternatives
RBAC (Role Based Access Control)
The etcd
The Network Policy
The Audit Logs
The Basics
Taught by
OWASP Foundation
Related Courses
Ethical Hacking: Introduction to Ethical Hacking (LinkedIn Learning)
Blue Team Tools: Defense against Adversary Activity Using MITRE Techniques (Pluralsight)
Intro to Purple Team - Cyber Threat Intelligence, Attack, Detect, Respond (RSA Conference via YouTube)
Lessons from Applying MITRE ATT&CK in the Wild (RSA Conference via YouTube)
Generating MITRE ATT&CK DNA for Groups of Actors (Cooper via YouTube)