Compromising Kubernetes cluster by exploiting RBAC permissions

Full Talk (40 Minutes)

As Kubernetes becomes more popular, it is inevitable that more clusters will come under attack, whether by malicious actors wanting to compromise specific applications or by opportunistic crooks looking to abuse resources for things like crypto-coin mining.
Organizations use Kubernetes' authorization model, Role-Based Access Control (RBAC), to provide better security for the cluster. A cluster may carry a huge number of permissions, each of them a potentially risky combination. An attacker who gains access to a pod with a privileged service-account token mounted can escalate privileges, damage the cluster, or even compromise it entirely.
This talk will include live demos and a presentation of an open-source tool, KubiScan, which helps blue and red teams discover risky permissions such as privileged roles, rolebindings, users and “Hot Pods” – pods running with privileged service accounts.
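As an added illustration of the kind of check the talk describes (this is not KubiScan's code and not part of the abstract), the following Python scans constructed Role, RoleBinding and Pod objects for risky verb/resource combinations and reports the "Hot Pods" whose automounted service-account tokens inherit them. The RISKY table and all sample objects are constructed assumptions, not taken from any real cluster.

```python
# Verb/resource pairs widely treated as escalation paths (a constructed, partial list).
RISKY = [
    ({"*"}, {"*"}, "cluster-admin"),
    ({"get", "list", "watch", "*"}, {"secrets"}, "read-secrets"),
    ({"create", "*"}, {"pods"}, "create-pods"),
    ({"create", "*"}, {"pods/exec"}, "pods-exec"),
    ({"bind", "escalate", "*"}, {"roles", "clusterroles"}, "bind-escalate"),
    ({"impersonate", "*"}, {"users", "groups", "serviceaccounts"}, "impersonate"),
]

def risky_findings(role):
    """Risk tags triggered by a Role/ClusterRole's rules; wildcards match everything."""
    tags = []
    for rule in role.get("rules", []):
        verbs, res = set(rule.get("verbs", [])), set(rule.get("resources", []))
        for bad_verbs, bad_res, tag in RISKY:
            if verbs & bad_verbs and (res & bad_res or "*" in res) and tag not in tags:
                tags.append(tag)
    return tags

def risky_subjects(roles, bindings):
    """Map each bound subject ('Kind/namespace/name') to the risk tags it inherits."""
    by_name, out = {r["metadata"]["name"]: r for r in roles}, {}
    for b in bindings:
        for tag in risky_findings(by_name.get(b["roleRef"]["name"], {})):
            for s in b.get("subjects", []):
                key = f'{s["kind"]}/{s.get("namespace", "")}/{s["name"]}'
                if tag not in out.setdefault(key, []):
                    out[key].append(tag)
    return out

def hot_pods(pods, subject_tags):
    """Pods that automount a token for a service account holding risky permissions."""
    def sa_key(p):
        return f'ServiceAccount/{p["metadata"]["namespace"]}/{p["spec"].get("serviceAccountName", "default")}'
    return [(p["metadata"]["name"], subject_tags[sa_key(p)]) for p in pods
            if p["spec"].get("automountServiceAccountToken", True) and sa_key(p) in subject_tags]
# Constructed sample objects shaped like `kubectl get <kind> -o json` items (not from a real cluster).
ROLES = [
    {"metadata": {"name": "secret-reader"}, "rules": [{"resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "pod-viewer"}, "rules": [{"resources": ["pods"], "verbs": ["get", "list"]}]},
]
BINDINGS = [
    {"roleRef": {"name": "secret-reader"}, "subjects": [{"kind": "ServiceAccount", "namespace": "ci", "name": "builder"}]},
    {"roleRef": {"name": "pod-viewer"}, "subjects": [{"kind": "User", "name": "alice"}]},
]
PODS = [
    {"metadata": {"name": "build-1", "namespace": "ci"}, "spec": {"serviceAccountName": "builder"}},
    {"metadata": {"name": "build-2", "namespace": "ci"}, "spec": {"serviceAccountName": "builder", "automountServiceAccountToken": False}},
]
```

On the sample data only `build-1` is reported as a hot pod: `build-2` uses the same service account but has token automounting disabled, which is the mitigation this check rewards.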