Tweet
Title: Breaking and Pwning Docker Containers and Kubernetes Clusters
Instructor: Madhu Akula
Abstract:
An organization using micro services or any other distributed architecture rely heavily on containers and orchestration engines like Kubernetes and as such its infrastructure security is paramount to its business operations. This workshop will focus on how attackers can break into docker container and Kubernetes clusters to gain access, escalate privileges to infrastructure by using misconfigurations and application security vulnerabilities. Trainer will share examples of real world security issues found in penetration testing engagements to showcase mapping of the attack usually happens in the real world.
By the end of the workshop participants will able to identify and exploit vulnerabilities in applications running on containers inside Kubernetes clusters. The key take away for audience will be learning from these scenarios how they can assess their environments and fix them before attackers gain control over their infrastructure.
By the end of workshop participants will be able to:
Understand Docker and Kubernetes security architecture
Attack & Audit containerised infrastructure for security vulnerabilities and misconfigurations
Learning from these scenarios how they can assess their environments and fix them before attackers gain control over their modern infrastructure
Learn commonly used tools, techniques and procedures (TTPs) for cloud native infrastructure
The participants will get the following:
Ebooks of the training covering all hands-on in a step by step guide (HTML, PDF, EPub, Mobi)
Virtual machines to learn & practice scenarios covered in the workshop
Other references to learn more about topics covered in the workshop
Level: Beginner/Intermediate
Pre-Requisites: None
Required Materials:
A laptop with administrator privileges
At least 8GB of RAM, 10GB of Disk space free on the system
Laptop should support hardware-based virtualization
If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work
Other virtualization software might work but we will not be able to provide support for that
USB Ports for copying data
Instructor: Madhu Akula
Abstract:
An organization using micro services or any other distributed architecture rely heavily on containers and orchestration engines like Kubernetes and as such its infrastructure security is paramount to its business operations. This workshop will focus on how attackers can break into docker container and Kubernetes clusters to gain access, escalate privileges to infrastructure by using misconfigurations and application security vulnerabilities. Trainer will share examples of real world security issues found in penetration testing engagements to showcase mapping of the attack usually happens in the real world.
By the end of the workshop participants will able to identify and exploit vulnerabilities in applications running on containers inside Kubernetes clusters. The key take away for audience will be learning from these scenarios how they can assess their environments and fix them before attackers gain control over their infrastructure.
By the end of workshop participants will be able to:
Understand Docker and Kubernetes security architecture
Attack & Audit containerised infrastructure for security vulnerabilities and misconfigurations
Learning from these scenarios how they can assess their environments and fix them before attackers gain control over their modern infrastructure
Learn commonly used tools, techniques and procedures (TTPs) for cloud native infrastructure
The participants will get the following:
Ebooks of the training covering all hands-on in a step by step guide (HTML, PDF, EPub, Mobi)
Virtual machines to learn & practice scenarios covered in the workshop
Other references to learn more about topics covered in the workshop
Level: Beginner/Intermediate
Pre-Requisites: None
Required Materials:
A laptop with administrator privileges
At least 8GB of RAM, 10GB of Disk space free on the system
Laptop should support hardware-based virtualization
If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work
Other virtualization software might work but we will not be able to provide support for that
USB Ports for copying data