How to Escape Clusters in a Managed Kubernetes Cluster?
Cloud Security Podcast7 Nov 2023

How to Escape Clusters in a Managed Kubernetes Cluster?

Not Escaping Containers but escaping Clusters - Managed Kubernetes distributions such as Amazon EKS, Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS) attack vectors can allow you to reach the underlying AWS Account etc. In conversation with Christophe Tafani-Dereeper & Nick Frichette, from Datadog on how this is possible in Amazon EKS and achieving potentially the same in GKE & AKS too.


Thank you to our episode sponsor Sagetap


Guest Socials: Nick's and Christophe's Linkedin (⁠⁠⁠⁠⁠⁠⁠⁠⁠Nick Frichette + Christophe Tafani-Dereeper)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp Questions asked: (00:00) Introduction

(04:11) A bit about Christophe

(04:37) A bit about Nick

(05:03) What is managed Kubernetes?

(06:26) Security of managed Kubernetes

(09:02) Comparison between different managed Kubernetes

(10:41) Service accounts and managed Kubernetes

(14:22) What is container escape?

(18:20) IMDSv2 for EKS

(19:51) IMDSv2 in EKS vs AKES and GKE

(22:01) Benchmark compliance for Kubernetes architecture

(24:49) Low hanging fruits for container escape

(27:17) Shared responsibility for managed Kubernetes

(29:34) Fargate for Managed Kubernetes

(32:00) Different ways to run containers

(33:37) Escaping Managed Kubernetes cluster

(38:39) Find more about this attack path

(42:38) Escalation priviledge in EKS cluster

(44:19) Reducing the Kubernetes attack service

(44:58) MKAT for Kubernetes Security

(48:23) Preventing AWS AuthConfig

(50:11) Propagation Security

(54:55) The fun section

(57:47) Resources for latest Kubernetes updates


Resources spoken about during the episode

Nick Frichette's Blog - Hacking the Cloud

Christophe Tafani-Dereeper' Blog

Corey Quinn's - 17 ways to run containers on AWS

MKAT

cloudseclist newsletter

Avsnitt(346)

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

MICROSOFT IGNITE 2020 SYDNEY | Getting started with securing Microsoft Azure Workload- David O'Brien, Microsoft MVP for Azure

David & Ashish spoke about What is Microsoft Ignite vs Microsoft Ignite Tour and why should cloud security people care about the event? Microsoft Ignite 2020 Sydney and Johannesburg What were th...

16 Feb 202046min

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

Is public cloud secure? - Francesco Cipollone, Cloud Security Alliance

In this episode we speak to Francesco Cipollone, Head of Cloud Security Alliance for UK Francesco and Ashish speak about is public cloud secure and if multi-cloud is a good thing, especially if you a...

9 Feb 202034min

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

Just Eat UK security - cloud security across Scotland uk canada in a world of multi public cloud

In this episode we speak to Stu Hirst, Principal Cloud Security @Just Eat. Stu and Ashish speak about keeping up security in a world of multi cloud, the challenges of recruiting for cloud security, w...

2 Feb 20201h 4min

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

Cloud Security in Japan - Cloud Security Podcast the Tokyo edition

This episode is a non-sponsored episode which is recording from Ashish's recent visit to Tokyo, Japan. During the trip Ashish caught up with mixed group of cybersecurity professionals who have been wo...

26 Jan 20206min

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

AZURE vs AWS , Azure Security and Can AZURE be DevOps friendly? - Tanya Janca

In this episode, we sit with Tanya Janca, previously Senior Cloud Advocate at Microsoft. Tanya & I spoke about the right way to do move workloads to Azure with DevOps. We compared notes on AWS and Azu...

19 Jan 20201h 2min

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

CLOUD SECURITY JOURNEY OF DOW JONES POST THE AWS CLOUD BREACH , WITH JAY KELATH, PRODUCT SECURITY

In this episode, we sit with Jay Kelath, Director for Product Security at Dow Jones. Jay & I spoke about the Dow Jones breach and how things changed from top down in Dow Jones for the better. We spoke...

12 Jan 202048min

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

Networking , recruiting and retaining female engineers, cyber security influencer, personal branding, mentoring for introvert men and women in cyber Security with Jane Frankland

In this episode, we sit with Jane Frankland, an award-winning entrepreneur, best-selling author and international speaker. Jane is a CISO advisor and has a diverse background, from being nominated as ...

5 Jan 202056min

Cloud Security and Infosec girls with Vandana Verma

Cloud Security and Infosec girls with Vandana Verma

In this Blue team episode, we sit with Vandana Verma, a Board member of OWASP and was recently awarded “Top influencers in Security and Fire” and “Cybersecurity Women of the year award by Women Cyberj...

23 Dec 201935min

Populärt inom Teknik

uppgang-och-fall
bilar-med-sladd
elbilsveckan
market-makers
rss-technokratin
skogsforum-podcast
rss-laddstationen-med-elbilen-i-sverige
rss-uppgang-och-fall
har-vi-akt-till-mars-an
rss-elektrikerpodden
rss-veckans-ai
rss-powerboat-sverige-podcast
bli-saker-podden
developers-mer-an-bara-kod
rss-fabriken-2
natets-morka-sida
gubbar-som-tjotar-om-bilar
rss-snacka-om-ai
hej-bruksbil
rss-en-ai-till-kaffet