SlideShare a Scribd company logo

Continuous Lifecycle: Hijack Kubernetes

Nico Meisenzahl, profile picture
Nico Meisenzahl

The document provides an overview of a talk led by Nico Meisenzahl focusing on the hijacking of Kubernetes clusters. It aims to raise awareness of common attack vectors and preventive measures, featuring live demos of how to exploit and secure clusters. Additional resources such as slides and demos are linked for reference.

Technology
1 of 5
Download to read offline
1
2
3
4
5
Hijack a Kubernetes Cluster - a Walkthrough Continuous Lifecycle & Container Conf 2021
Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • Microsoft MVP, GitLab Hero • Cloud Native, Kubernetes & Azure © white duck GmbH 2021 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
About this talk • this is not an in-depth security talk • it should make you aware of common attack vectors and how to prevent them • you will see demos on how to hijack a cluster • you will learn how to prevent those with common best practices • one more slide, then we will start hijacking (slideless) • https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2021
What we will do © white duck GmbH 2021
Questions? • Slides: https://www.slideshare.net/nmeisenzahl • Demo: https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2021 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org

More Related Content

PDF
azdevcom - Hijack a Kubernetes Cluster
Nico Meisenzahl
 
PDF
Die Evolution von Container Image Builds
Nico Meisenzahl
 
PDF
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
PDF
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Nico Meisenzahl
 
PDF
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Nico Meisenzahl
 
PDF
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Nico Meisenzahl
 
PDF
Azure Rosenheim Meetup: Azure Service Operator
Nico Meisenzahl
 
PDF
GitHub Actions 101
Nico Meisenzahl
 
azdevcom - Hijack a Kubernetes Cluster
Nico Meisenzahl
 
Die Evolution von Container Image Builds
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
Azure Saturday Hamburg: Containerize Your .NET Microservice - the Right Way!
Nico Meisenzahl
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Nico Meisenzahl
 
Azure Meetup Hamburg: Production-Ready Terraform Deployments on Azure
Nico Meisenzahl
 
Azure Rosenheim Meetup: Azure Service Operator
Nico Meisenzahl
 
GitHub Actions 101
Nico Meisenzahl
 

What's hot (20)

PDF
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
Nico Meisenzahl
 
PDF
Policy & Governance für Kubernetes
Nico Meisenzahl
 
PDF
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
Nico Meisenzahl
 
PDF
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Nico Meisenzahl
 
PDF
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
Nico Meisenzahl
 
PDF
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Nico Meisenzahl
 
PDF
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Nico Meisenzahl
 
PDF
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
PDF
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
PDF
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
Nico Meisenzahl
 
PDF
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
Nico Meisenzahl
 
PDF
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
Nico Meisenzahl
 
PDF
Was ist ein Service Mesh und wie funktioniert es?
Cloud Native Rosenheim Meetup
 
PDF
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Nico Meisenzahl
 
PPTX
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
Philip Welz
 
PDF
Virtual Azure Community Day: Azure Kubernetes Service Basics
Nico Meisenzahl
 
PDF
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
Nico Meisenzahl
 
PDF
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
Nico Meisenzahl
 
PPTX
Event sourcing your React-Redux applications
Maurice De Beijer [MVP]
 
PDF
DevOpsCon London: How containerized Pipelines can boost your CI/CD
Nico Meisenzahl
 
GitLab Commit: Your Attackers Won't Be Happy! How GitLab Can Help You Secure ...
Nico Meisenzahl
 
Policy & Governance für Kubernetes
Nico Meisenzahl
 
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...
Nico Meisenzahl
 
Cloud Native Day: Cloud-native Anwendungsentwicklung im Jahr 2021
Nico Meisenzahl
 
DevOpsCon Berlin: Helm vs Operators – Do I Need to Decide?
Nico Meisenzahl
 
Azure Zürich User Group: Azure Kubernetes Service – more than just a managed ...
Nico Meisenzahl
 
Virtual GitLab Meetup: How Containerized Pipelines and Kubernetes Can Boost Y...
Nico Meisenzahl
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & ...
Nico Meisenzahl
 
The Future of Workflow Automation Is Now - Hassle-Free ARM Template Deploymen...
Nico Meisenzahl
 
GitLab Commit: Enhance your Compliance with Policy-Based CI/CD
Nico Meisenzahl
 
Was ist ein Service Mesh und wie funktioniert es?
Cloud Native Rosenheim Meetup
 
Global Azure Bootcamp: Container, Docker & Kubernetes Basics
Nico Meisenzahl
 
FestiveTechCalendar2021 - Have Yourself An​ Azure Container Registry
Philip Welz
 
Virtual Azure Community Day: Azure Kubernetes Service Basics
Nico Meisenzahl
 
Docker Rosenheim Meetup: Policy & Governance for Kubernetes
Nico Meisenzahl
 
DevOps Gathering - How Containerized Pipelines Can Boost Your CI/CD
Nico Meisenzahl
 
Event sourcing your React-Redux applications
Maurice De Beijer [MVP]
 
DevOpsCon London: How containerized Pipelines can boost your CI/CD
Nico Meisenzahl
 
Ad

Similar to Continuous Lifecycle: Hijack Kubernetes (20)

PDF
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
PDF
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
PDF
How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
ContainerDay Security 2023
 
PDF
How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
ContainerDay Security 2023
 
PDF
Microsoft DevOps Forum 2021 – DevOps & Security
Nico Meisenzahl
 
PPTX
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
PDF
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
PDF
ContainerConf 2022: Hijack Kubernetes
Nico Meisenzahl
 
PDF
Cloud Study Jam - Kubernetes 101
Nico Meisenzahl
 
PDF
Cloud Love Conference: Kubernetes is awesome, but...
Nico Meisenzahl
 
PDF
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
PDF
ContainerConf 2022: Kubernetes is awesome - but...
Nico Meisenzahl
 
PDF
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
Cloud Native Rosenheim Meetup
 
PDF
How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
PDF
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
Nico Meisenzahl
 
PDF
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl
 
PDF
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Nico Meisenzahl
 
PDF
Containerized Build & Deployment Pipelines
Nico Meisenzahl
 
PDF
Mitigate potential compliance risks
Jürgen Brüder
 
PPTX
Kubernetes Security
Karthik Gaekwad
 
KCD Munich 2022: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
Container Day Security: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
ContainerDay Security 2023
 
How to Prevent Your Kubernetes Cluster From Being Hacked by Nico Meisenzahl
ContainerDay Security 2023
 
Microsoft DevOps Forum 2021 – DevOps & Security
Nico Meisenzahl
 
Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
Container Days: Hijack a Kubernetes Cluster - a Walkthrough
Nico Meisenzahl
 
ContainerConf 2022: Hijack Kubernetes
Nico Meisenzahl
 
Cloud Study Jam - Kubernetes 101
Nico Meisenzahl
 
Cloud Love Conference: Kubernetes is awesome, but...
Nico Meisenzahl
 
KCD Munich 2022: How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
ContainerConf 2022: Kubernetes is awesome - but...
Nico Meisenzahl
 
GitLab Remote Meetup: Enhance Your Kubernetes CI/CD Pipelines with GitLab & O...
Cloud Native Rosenheim Meetup
 
How to Prevent Your Kubernetes Cluster From Being Hacked
Nico Meisenzahl
 
GitLab London Meetup: How Containerized Pipelines and Kubernetes Can Boost Yo...
Nico Meisenzahl
 
Azure Service Operator - Provision Your Resources in a Cloud-Native Way
Nico Meisenzahl
 
Effiziente CI/CD-Pipelines – mit den richtigen Tools klappt das
Nico Meisenzahl
 
Containerized Build & Deployment Pipelines
Nico Meisenzahl
 
Mitigate potential compliance risks
Jürgen Brüder
 
Kubernetes Security
Karthik Gaekwad
 
Ad

Recently uploaded (20)

PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
KodekX | Application Modernization Development
KodekX
 
Teaching material agriculture food technology
LiaRayya
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
A Presentation on Artificial Intelligence
memembruh336
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
KodekX | Application Modernization Development
KodekX
 

Continuous Lifecycle: Hijack Kubernetes

  • 1. Hijack a Kubernetes Cluster - a Walkthrough Continuous Lifecycle & Container Conf 2021
  • 2. Nico Meisenzahl • Senior Cloud & DevOps Consultant at white duck • Microsoft MVP, GitLab Hero • Cloud Native, Kubernetes & Azure © white duck GmbH 2021 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org
  • 3. About this talk • this is not an in-depth security talk • it should make you aware of common attack vectors and how to prevent them • you will see demos on how to hijack a cluster • you will learn how to prevent those with common best practices • one more slide, then we will start hijacking (slideless) • https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2021
  • 4. What we will do © white duck GmbH 2021
  • 5. Questions? • Slides: https://www.slideshare.net/nmeisenzahl • Demo: https://github.com/nmeisenzahl/hijack-kubernetes © white duck GmbH 2021 Phone: +49 8031 230159 0 Email: nico.meisenzahl@whiteduck.de Twitter: @nmeisenzahl LinkedIn: https://www.linkedin.com/in/nicomeisenzahl Blog: https://meisenzahl.org