Security myths about managed Kubernetes Clusters

Abstract

There’s a common misconception that all managed services are 100% foolproof. The reality is entirely different. Attackers are gaining persistent access to systems. They often gain access to systems differently, but having a backdoor gives them ultimate power. This talk aims to exhibit one such method attackers use to gain persistent access to a managed Kubernetes cluster & discuss various defense-in-depth techniques.

Date
Sep 12, 2022 12:00 AM
Event
AWS Live workshop & talk
Location
Dubai
Rewanth Tammana
Rewanth Tammana
Senior Security Architect

Rewanth Tammana is a security ninja, open-source contributor, and an independent consultant. Previously, Senior Security Architect at Emirates NBD (National Bank of Dubai). He is passionate about DevSecOps, Cloud, and Container Security. He added 17,000+ lines of code to Nmap (famous as Swiss Army knife of network utilities). Holds industry certifications like CKS (Certified Kubernetes Security Specialist), CKA (Certified Kubernetes Administrator), etc. Rewanth speaks and delivers training at multiple international security conferences around the world including Black Hat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, Bsides, CISO Platform, null chapters and multiple others. He was recognized as one of the MVP researchers on Bugcrowd (2018) and identified vulnerabilities in several organizations. He also published an IEEE research paper on an offensive attack in Machine Learning and Security. He was also a part of the renowned Google Summer of Code program.

Related