Attacking and Defending Kubernetes - A Brief Overview

Date Mar 26, 2020
Time 11 AM ET
Cost Free
Online
We bring to you we45’s first webinar of 2020. This time, we’re kicking off with a topic that continues to create excitement and interest amongst product teams working on contemporary technology stacks - a purple-view snapshot of Kubernetes Security!

Through this webinar, we aim to immerse you in the experience of container and orchestration specific attack patterns, and subsequently ideate a defence plan, based on technology specific best practices

The session will commence with a demonstration of a complex attack of an application deployed on a misconfigured kubernetes cluster. The presenter would then focus on some of the flaws across the Application, Container and the Cluster layers, taking a look at some kubernetes specific vulnerability assessment tools that can be used prior to deploying the containers on the kubernetes cluster. We will then discuss some of the mechanisms we can use to defend ourselves from such attacks (like Admission Controller, AppArmor profiles as run-time security measures etc).

The talk will conclude with a demonstration of a security specific CI/CD pipeline that leverages multiple tools focused on identifying vulnerabilities not just in a docker image, but post build scenarios including vulnerabilities due to deployment specific misconfigurations on a deployed kubernetes cluster

Who should attend:
- Security professionals who face problems managing vulnerabilities when it comes to containers and container networks.
- Engineering teams who find the current vulnerability remediation workflow problematic .
- CISO’s who want to lay down a mature and efficient Kubernetes Management protocol.

 


comments powered by Disqus
Create your own event
Turn your passion into a business.
Join our mailing list