Wednesday

Room 4

16:20 - 17:20 (UTC+02)

Talk (60 min)

The Hand That Feeds - How to Misuse Kubernetes

We usually trust the hand that feeds, but what happens when we can't trust the hand that feeds us? How do we run applications when there is little to no trust? In this session, we're going to start by taking a look at attack paths in and around Kubernetes, acting as a Red Team. We'll take advantage of an OWASP vulnerability within a Supply Chain attack, giving us an entry point. From there, together we'll explore how an attacker can take further control of the cluster via lateral and vertical movements. Once we have your attention from seeing how this could be someone's worst day, we'll look at how we can patch this up as a Blue Team. What do we have available from Kubernetes that can mitigate some of this disaster, and what practices should we put in place to further strengthen and defend our compute? You'll leave this session with a Purple Team understanding of core concepts within Kubernetes, of how defence is strengthened with depth, and of how we can defend against everyone from Script Kiddies to Nation States.

Cloud
Containers
Security
Cloud Native

Lewis Denham-Parry

Lewis works for Control Plane as the Head of Training, orchestrating the ocean of containers with Kubernetes whilst defending them from piratical attacks (which are usually from himself).

He co-founded Cloud Native Wales, an initiative to help people learn Cloud Native technologies and establish a community to support each other. When he's not playing with tech, he's busy trying to be an adult or actively seeking a comfy chair to read a book or trying to find some snow to ski on.

Follow Lewis at @denhamparry, @controlplaneio, and @cloudnativewal.