Container Security for Red and Blue Teams

Abstract

An organization using micro services, or any other distributed architecture rely heavily on containers and orchestration engines like Kubernetes and as such its infrastructure security is paramount to its business operations. This workshop will focus on how attackers can break into docker container and Kubernetes clusters to gain access, escalate privileges to infrastructure by using misconfigurations and application security vulnerabilities. Then as a blue team we will see how we can leverage the power of automation at multiple layers like Infrastructure Security, Supply chain Security and Run time Security to protect against the container security attacks. At the end of the workshop we will verify the security of the cloud native infrastructure by performing automated security scan with the help of CIS Benchmarks for both Docker and Kubernetes.

By the end of the workshop participants will able to identify and exploit vulnerabilities in applications running on containers inside Kubernetes clusters. The key take away for audience will be learning from these scenarios how they can assess their environments and fix them before attackers gain control over their infrastructure. Trainer will share examples of real world security issues found in penetration testing engagements to showcase mapping of the attack usually happens in the real world and how it can be mitigated as well

Date
Location
Kochi, India
Avatar
Madhu Akula
Never Ending Learner!

Madhu Akula is a security ninja, published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA (2018 & 19), O’Reilly Velocity EU 2019, Appsec EU 2018, All Day DevOps (2016, 17, 18 & 19), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.

Next
Previous