Securing^WAttacking Kubernetes

Agenda:

1. "Securing^[WAttacking Kubernetes" by Vincent Ruijter

Abstract:
A purple team talk targeting Kubernetes deployments. Demonstrating several attack vectors and the corresponding mitigations.

This talks’ focus lays on a popular containerization tool called Kubernetes.
Common implementations of Kubernetes are not secure by default and a lot of information about hardening is not known to the public. Since version 1.7 the security level has increased and common security misconfigurations have been mitigated. During this talk it will be demonstrated what happens if these mitigations are not applied and how to abuse them. The talk will be about both securing and attacking the platform and could be considered a ‘purple team’ talk. Multiple live demos are planned, most of them ending in a guest-to-host escape and a root shell.

Speaker:
Pacifistic Internetveapon @ KPNs (Royal Dutch Telco) CERT, who thinks he knows Linux. Moderator @ null Amsterdam chapter, with an endless curiosity for all things binary. Knows how to quit Vi ^[ESC!wqwq:wq!

2. "Getting secrets to safer places - Vault & Kubernetes" by Ben de Haan

Abstract:
More and more companies have a (hopefully well structured) build pipeline. However, far too often secrets aren't safely managed. Vault to the rescue!

This talk gives a quick primer on Vault and the Kubernetes integration. If the demo gods accept the sacrifice, we'll see Kubernetes authentication, configure Vault as CA and have an app interact with Vault.

Speaker:
Security Consultant @ Xebia Security. Spent some time building and tuning SIEM systems. Worked on retrieving and analyzing alert data for an MSSP. Contributor to open source projects like OWASP DefectDojo.