Cloud service providers are constantly enhancing and releasing new capabilities to provide the best managed Kubernetes experience, intertwining cloud-specific capabilities within, to ease integrations and reduce friction. This talk is about the fine line between your managed Kubernetes cluster and its underlying Cloud environment, and how intertwining cloud-specific capabilities within the managed Kubernetes services introduces potential attack vectors and lateral movement paths – from Kubernetes outwards, or from the cloud inwards. This talk is demo-driven, we'll demonstrates several scenarios where an attacker can gain a foothold in a Kubernetes cluster and move laterally in order to compromise other cloud resources outside the cluster, or alternatively, gaining access to a cloud resource with the intent of compromising resources within a cluster. This talk also covers some of the best practices for configurations and standards to adopt in EKS, AKS and GKE to secure them from cluster-to-cloud or cloud-to-cluster attacks.
- 27- Married to an amazing wife- Uneducated (self-taught, some call it)- Programming for a living since 17- Had the chance to work with amazing people over the years and work across the stack - from the linux / windows kernels to the most abstracted, using-seven-3rd-party-libraries-for-2-lines-of-code... Read More →
Alon Schindel is the Director of Data and Threat Research at Wiz, the fastest growing unicorn in cloud security. He’s an experienced cybersecurity professional who has filled various lead roles in both development and research of cybersecurity products and specializes in threats... Read More →
