Abstract:
An organization using micro services or any other distributed architecture rely heavily on containers & orchestration engines like Kubernetes & as such its infrastructure security is paramount to its business operations. This workshop will focus on how attackers can break into docker container & Kubernetes clusters to gain access, escalate privileges to infrastructure by using misconfigurations & application security vulnerabilities. Trainer will share examples of real world security issues found in penetration testing engagements to showcase mapping of the attack usually happens in the real world.
By the end of workshop participants will be able to:
- Understand Docker & Kubernetes security architecture
- Attack & Audit containerised infrastructure for security vulnerabilities & misconfigurations
- Learn from these scenarios how they can assess their environments & fix them before attackers gain control over their modern infrastructure
- Learn commonly used tools, techniques & procedures (TTPs) for cloud native infrastructure
Prerequisites:
- Basic knowledge of using the Linux command line
- System administration basics like servers, applications configuration & deployment
Familiarity with container environments like Docker would be useful
Materials:
- GCP free trail account (https://cloud.google.com/free)
- A laptop with administrator privileges
- At least 8GB of RAM, 10GB of Disk space free on the system for VM
- Laptop should support hardware-based virtualization, Install Oracle - VirtualBox 6.x & verify it can run a 64-bit operating system. (Other virtualization software might work but we will not be able to provide support for that.)
- USB Ports for copying VM & course content (docs, scripts, etc.)
About Trainer:
Madhu Akula is a security ninja, published author & cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops & cloud native communities. He holds industry certifications like CKA (Certified Kubernetes Administrator), OSCP (Offensive Security Certified Professional), etc.
Madhu frequently speaks & runs training sessions at security events & conferences around the world including DEFCON (24, 26), BlackHat USA (2018 & 2019), USENIX LISA 2018, O'Reilly Velocity EU 2019, Appsec EU 2018, All Day DevOps (2016, 2017, 2018, 2019), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 2018), Nullcon 2019, SACON 2019, Serverless Summit, null & multiple others.
His research has identified vulnerabilities in over 200 companies & organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP & Adobe, etc. He is co-author of Security Automation with Ansible2 (ISBN-13:[masked]), which is listed as a technical resource by Red Hat Ansible.
Refernce: https://defcon.org/html/defcon-27/dc-27-workshops.html#akula