Loading…
Attending this event?
December 6-8, 2017 - Austin, Texas
Click Here for More Information + Registration 

Customize your schedule by session topic and skill level:
Session Topic - Refer to the "Type" filter list to the right to find a session based on topic. Talk Difficulty - Sessions are categorized as [B]eginner, [I]ntermediate or [A]dvanced at the end of each talk title. No letter indicates an “Any” level. 
View analytic
Friday, December 8 • 2:00pm - 2:35pm
Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec

Sign up or log in to save this to your schedule and see who's attending!

While Kubernetes offers new and exciting ways to deploy and scale container-based workloads in production, many organizations may not be aware of the security risks inherent in the out-of-the-box state of most Kubernetes installations and the common practices for deploying workloads that could lead to unintentional compromise. Join Brad Geesaman, the Cyber Skills Development team lead at Symantec, on an eye-opening journey examining real compromises and sensitive data leaks that can occur inside a Kubernetes cluster, highlighting the configurations that allowed them to succeed, applying practical applications of the latest built-in security features and policies to prevent those attacks, and providing actionable steps for future detection.

The hardening measures taken in response to the attacks demonstrated will include guidelines for improving configurations installed by common deployment tools, securing the sources of containers, implementing firewall and networking plugin policies, isolating workloads with namespaces and labels, controlling container security contexts, better handling of secrets and environment variables, limiting API server access, examining audit logs for malicious attack patterns, and more.

Speakers
avatar for Brad Geesaman

Brad Geesaman

Engineering Lead, Independent
Brad was recently the Cyber Skills Development Engineering Lead at Symantec Corporation where he supported the operations and delivery of ethical hacking learning simulations on top of Kubernetes in AWS. Although he spent several years as a penetration-tester, his real passion is... Read More →



Friday December 8, 2017 2:00pm - 2:35pm
Meeting Room 12AB, Level 4

Attendees (327)