In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Wednesday, October 26 • 4:30pm - 5:05pm
Kubernetes to Cloud Attack Vectors: Demos Inside - Danny Hershko Shemesh & Alon Schindel, Wiz

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Cloud service providers are constantly enhancing and releasing new capabilities to provide the best managed Kubernetes experience, intertwining cloud-specific capabilities within, to ease integrations and reduce friction. This talk is about the fine line between your managed Kubernetes cluster and its underlying Cloud environment, and how intertwining cloud-specific capabilities within the managed Kubernetes services introduces potential attack vectors and lateral movement paths – from Kubernetes outwards, or from the cloud inwards. This talk is demo-driven, we'll demonstrates several scenarios where an attacker can gain a foothold in a Kubernetes cluster and move laterally in order to compromise other cloud resources outside the cluster, or alternatively, gaining access to a cloud resource with the intent of compromising resources within a cluster. This talk also covers some of the best practices for configurations and standards to adopt in EKS, AKS and GKE to secure them from cluster-to-cloud or cloud-to-cluster attacks.

avatar for Danny Hershko Shemesh

Danny Hershko Shemesh

Software Develop, Wiz
- 27- Married to an amazing wife- Uneducated (self-taught, some call it)- Programming for a living since 17- Had the chance to work with amazing people over the years and work across the stack - from the linux / windows kernels to the most abstracted, using-seven-3rd-party-libraries-for-2-lines-of-code... Read More →

Alon Schindel

Director of Data & Threat Research, Wiz
Alon Schindel is the Director of Data and Threat Research at Wiz, the fastest growing unicorn in cloud security. He’s an experienced cybersecurity professional who has filled various lead roles in both development and research of cybersecurity products and specializes in threats... Read More →

Wednesday October 26, 2022 4:30pm - 5:05pm EDT
420 AB
  Security + Identity + Policy