Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing significant threats beyond the commonly discussed crypto mining attacks. Magno spoke about common attack paths targeting Kubernetes clusters, from exploiting application vulnerabilities to leveraging exposed Kubernetes services and compromised valid accounts.
Guest Socials: Magno Logan
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(01:26) A bit about Magno Logan
(01:49) Kubernetes Common Threats Explained
(02:23) Kubernetes Cluster Attack Entry Points
(04:28) How attackers maintain persistent access in Kubernetes?
(05:30) Container Escape Explained
(07:03) Maintaining Persistence in Kubernetes Clusters
(08:18) What are Sidecars?
(10:43) How to secure your sidecars?
(12:33) Where can people learn more about this
(13:57) The Fun Section
Resources spoken about on the podcast
Mitre Att&ck Containers Matrix
Microsoft Threat Matrix
Cloud Security Careers: From University to Security Engineer at Atlassian
Cloud Security Careers: Getting an Entry Level GRC Role
fwd:cloudsec conference this week, Vulnerabilities discovered in AWS - Cloud Security News
Cloud Security Careers: From Executive Assistant to Head of Security
IBM Launches Servers for Hybrid Cloud, Microsoft and Verizon bring 5G Edge Cloud Computing - Cloud Security News
Cloud Security Careers: Skills Required for an Associate Cloud Security Engineer
Is your Microsoft Azure Cosmos Database Keys Secure? - Cloud Security News
Cloud Hacking eSports | Ultimate Hacking Championship
Network Security in a Cloud Native World
AWS Re:inforce goes Virtual - Cloud Security News
THINKING OF MOVING A MONOLITH TO CLOUD NATIVE?
DO WE NEED LOGGING? - Building Observability Platform for Scale - Atlassian
What is a SECURITY DATA LAKE?
Security Logging is Changing | Observability & Tracing Explained
WHAT IS CYBER RESILIENCY IN CLOUD?
AWS Security - Managing Threat Detection and Response
Cloud Security RoadMap - Scott Piper
Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP
Cloud Infrastructure Security at Scale - Netflix
Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast