As Kubernetes becomes more popular, it is inevitable that more clusters will come under attack by malicious actors wanting to compromise specific applications or by opportunistic crooks looking to abuse resources for things like crypto-coin mining.
Organizations use Kubernetes' authorization model, Role-Based Access Control (RBAC), to provide better security for the cluster. They might have a huge number of permissions, each one of them with potentially different risky combinations. An attacker who finds a way into a pod with a privileged mounted token can escalate privileges, damage the cluster or even compromise it.
This talk will include live demos and a presentation of a special open source tool, KubiScan, which will help blue and red teams discover risky permissions such as privileged roles, rolebindings, users and “Hot Pods” – pods with privileged service accounts.
Compromising Kubernetes cluster by exploiting RBAC permissions
Full Talk (40 Minutes)