Kochi
11th March 2023
10:00 AM
Overview
Kubernetes Security Workshop is designed to help participants understand the security features and best practices of the Kubernetes platform. This workshop covers topics such as container security, network security, access control, RBAC, secrets management, and logging and monitoring.
Participants will learn how to secure their Kubernetes clusters, configure security settings, and use Kubernetes tools to detect and respond to security incidents. Students will also learn about common vulnerabilities and attacks that can affect Kubernetes environments and how to mitigate them.
This workshop includes hands-on exercises where participants can practice applying security best practices to real-world scenarios. By the end of the workshop, participants should have a solid understanding of Kubernetes security.
Participants will learn how to secure their Kubernetes clusters, configure security settings, and use Kubernetes tools to detect and respond to security incidents. Students will also learn about common vulnerabilities and attacks that can affect Kubernetes environments and how to mitigate them.
This workshop includes hands-on exercises where participants can practice applying security best practices to real-world scenarios. By the end of the workshop, participants should have a solid understanding of Kubernetes security.
About the Speaker
- Almost 5.0 years of experience in the Internet of Things, penetration Testing & Vulnerability Assessment, and cybersecurity.
- Extensively worked on performing the penetration testing on various Smart devices and applications like BLE-based smart bulb, Home automation-based switch, Cough Assist medical device, Smart connected TV application, and Esp8266 Wi-Fi chip.
- Expertise in application security assessment like Web, Mobile, Docker, IoT security Testing, Bluetooth and Wi-Fi fuzzing, firmware analysis, and Hardware Security testing.
- Expertise in performing the attack surface mapping on IT products and analyze the components.
- Hands-on experience with extracting firmware, JTAG exploitation, SPI, I2C, and UART.
- Delivered the talks in various open source communities like NULL Bangalore, c0c0n Kerala, Red Team Security Summit, OWASP, and Test Tribe.
- Love to spend most of my free time making, breaking, and securing IoT devices.
Module 1 : Basic Intro of Kubernetes
- Intro of Kubernetes
- Kubernetes Features
- Kubernetes Components
- How to Install Kubernetes
- Kubernetes Objects
- Kubernetes Deployment
- Kubernetes Services
- Kubernetes Secrets
- Kubernetes Volumes
- Kubernetes Service Accounts
- Kubernetes Namespaces
Module 2 : Exploiting Kubernetes(Security)
- Introduction to Cloud Native Security
- Kubernetes network policies
- Pod Security Context
- Kubernetes RBAC
- Demo: Abusing RBAC roles to own the cluster
- Securing Kubernetes Cluster
- Pentest Garage kubernetes Lab Practical