Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing significant threats beyond the commonly discussed crypto mining attacks. Magno spoke about common attack paths targeting Kubernetes clusters, from exploiting application vulnerabilities to leveraging exposed Kubernetes services and compromised valid accounts.
Guest Socials: Magno Logan
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:26) A bit about Magno Logan
(01:49) Kubernetes Common Threats Explained
(02:23) Kubernetes Cluster Attack Entry Points
(04:28) How attackers maintain persistent access in Kubernetes?
(05:30) Container Escape Explained
(07:03) Maintaining Persistence in Kubernetes Clusters
(08:18) What are Sidecars?
(10:43) How to secure your sidecars?
(12:33) Where can people learn more about this
(13:57) The Fun Section
Resources spoken about on the podcast
Mitre Att&ck Containers Matrix
Microsoft Threat Matrix
Real-World Cloud Security Challenges and Solutions Explained for 2024
Why Least Privilege Matters in Cloud Security?
How is Kubernetes Network Security Evolving?
The Future of Software Development with AI
The role of Real Time Defense in Cloud Security
CISO's guide to embracing risk in business
Why Email Breaches Still Happen?
Essential Strategies to master Incident Response in Cloud
From Code Suggestions to Security
Cloud Security Operations for Modern Threats
Understanding Threat Modeling in Cloud
Balancing Efficiency & Security: AI’s Transformation of Legal Data Analysis
Role of application security posture management in cybersecurity
Cybersecurity Best Practices and Password Security in Cloud and AI
Multicloud strategy for AWS and GCP
AI's Role in Security Efficiency - Kubernetes Edition
Build an Effective AWS Cloud Security Program in 2024
Offensive Cloud Security Program for 2024
Understand Your Cloud Security Landscape to cut through the noise!
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
A Prairie Home Companion: News from Lake Wobegon