With the increase in Kubernetes adoption, securing your cluster is becoming a key concern. This talk aims to raise awareness of k8s security risks and how you can remediate them, by showcasing common misconceptions around the topic and demonstrating privilege escalation vulnerabilities according to MITRE ATT&CK and OWASP. The talk will include a short demo on Canonical MicroK8s.
By the end of this talk, attendees will:
- Learn how to quickly get up and running with MicroK8s using Multipass
- Understand common privilege escalation attacks, such as namespace bypass, container escape and RBAC model exploitation
- Understand which compensating controls can be put in place to reduce the attack surface
Session author bios
Natalia is a software engineer at Canonical, currently working in the Identity team on IAM solutions. Her main areas of interest include cybersecurity and cryptography.
Level of Difficulty: Intermediate