SlideShare a Scribd company logo

DockerCon 2023 - Live Demo_Hardening Against Kubernetes Hacks.pdf

E
Eric Smalling

The document outlines a live demo by Eric Smalling on hardening Kubernetes against attacks, emphasizing the importance of scanning application code, container images, and Kubernetes configurations to prevent vulnerabilities. It discusses the concept that exploits result from application vulnerabilities and misconfigurations. The document also acknowledges contributions from various individuals and organizations in the Kubernetes security community.

Software
1 of 9
Download to read offline
1
2
3
4
5
6
7
8
9
Hardening Against Kubernetes Hacks Live Demo Eric Smalling Sr. Developer Advocate | Snyk.io about.me/ericsmalling
2 ERIC SMALLING ● Senior Developer Advocate @ Snyk ● Based in Dallas/Fort Worth, Texas ● 20+ years enterprise software development ● 10+ years build/test/deploy automation (CI/CD) ● Docker user since 2013 (v0.6) ● 2018 Jenkins Ambassador ● Docker Captain ● CKA, CKAD & CKS Certified
3 00 Section Header Exploit = App Vulns + Misconfiguration
4 https://github.com/snyk-labs/kubernetes-goof
DEMO https://github.com/snyk-labs/kubernetes-goof
DockerCon 2023 - Live Demo_Hardening Against Kubernetes Hacks.pdf
7 How could we have prevented this? ● Scan your application code ● Scan your container images ● Scan your Kubernetes YAML ● Don’t trust defaults / Be explicit ● Use Network Policies ● Use Admission Controls
8 Thanks and props to : ● Mark Manning ( @antitree ) ● Ian Coldwater ( @iancoldwater ) ● DuïŹ€ie Cooley ( @mauilion ) ● Rory McCune ( @raesene ) ● K8s SIG-Security ● CNCF TAG-Security ● OpenSSF 
 and many others in the Kubernetes Security community.
THANK YOU https://github.com/snyk-labs/kubernetes-goof about.me/ericsmalling

More Related Content

PDF
KubeCon NA 2022 - Hardening against Kubernetes Hacks.pdf
Eric Smalling
 
PDF
Hacking into your containers, and how to stop it!
Eric Smalling
 
PDF
Kubernetes 101 for_penetration_testers_-_null_mumbai
n|u - The Open Security Community
 
PDF
GDG SLK - Why should devs care about container security.pdf
James Anderson
 
PDF
DevOpsDays Chicago 2022 - Hands-on hacking containers and ways to prevent it
Eric Smalling
 
PDF
Securing k8s With Kubernetes Goat
Muhammad Yuga Nugraha
 
PDF
Lines of Defense - Securing your Kubernetes Clusters by Koray Oksay
ContainerDay Security 2023
 
PPTX
12 Ways Not to get 'Hacked' your Kubernetes Cluster
Suman Chakraborty
 
KubeCon NA 2022 - Hardening against Kubernetes Hacks.pdf
Eric Smalling
 
Hacking into your containers, and how to stop it!
Eric Smalling
 
Kubernetes 101 for_penetration_testers_-_null_mumbai
n|u - The Open Security Community
 
GDG SLK - Why should devs care about container security.pdf
James Anderson
 
DevOpsDays Chicago 2022 - Hands-on hacking containers and ways to prevent it
Eric Smalling
 
Securing k8s With Kubernetes Goat
Muhammad Yuga Nugraha
 
Lines of Defense - Securing your Kubernetes Clusters by Koray Oksay
ContainerDay Security 2023
 
12 Ways Not to get 'Hacked' your Kubernetes Cluster
Suman Chakraborty
 

Similar to DockerCon 2023 - Live Demo_Hardening Against Kubernetes Hacks.pdf (20)

PDF
Why should developers care about container security?
Eric Smalling
 
PPTX
Kubernetes Security
Karthik Gaekwad
 
PDF
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
Eric Smalling
 
PDF
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
NoNameCon
 
PDF
DevSecCon Lightning 2021- Container defaults are a hackers best friend
Eric Smalling
 
PDF
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
PPTX
10 tips for Cloud Native Security
Karthik Gaekwad
 
PDF
Hardening Kubernetes Cluster
Knoldus Inc.
 
PPTX
Secure development on Kubernetes by Andreas Falk
SBA Research
 
PDF
CloudNativeTurkey - Lines of Defence.pdf
Koray Oksay
 
PDF
The Hacker's Guide to Kubernetes
Patrycja Wegrzynowicz
 
PDF
All Your Containers Are Belong To Us
Lacework
 
PPTX
DevSecOps in a cloudnative world
Karthik Gaekwad
 
PPTX
Simplify Your Way To Expert Kubernetes Management
DevOps.com
 
PPTX
Kubernetes and container security
Volodymyr Shynkar
 
PDF
Attacking and Defending Kubernetes - Nithin Jois
OWASP Hacker Thursday
 
PDF
K8 Meetup_ K8s secrets management best practices (Git Guardian).pdf
MichaelOLeary82
 
PDF
Why Should Developers Care About Container Security?
All Things Open
 
PDF
ATO 2022 - Why should devs care about container security.pdf
Eric Smalling
 
PDF
Container Stranger Danger - Why should devs care about container security
Eric Smalling
 
Why should developers care about container security?
Eric Smalling
 
Kubernetes Security
Karthik Gaekwad
 
LFX Nov 16, 2021 - Find vulnerabilities before security knocks on your door
Eric Smalling
 
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
NoNameCon
 
DevSecCon Lightning 2021- Container defaults are a hackers best friend
Eric Smalling
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
10 tips for Cloud Native Security
Karthik Gaekwad
 
Hardening Kubernetes Cluster
Knoldus Inc.
 
Secure development on Kubernetes by Andreas Falk
SBA Research
 
CloudNativeTurkey - Lines of Defence.pdf
Koray Oksay
 
The Hacker's Guide to Kubernetes
Patrycja Wegrzynowicz
 
All Your Containers Are Belong To Us
Lacework
 
DevSecOps in a cloudnative world
Karthik Gaekwad
 
Simplify Your Way To Expert Kubernetes Management
DevOps.com
 
Kubernetes and container security
Volodymyr Shynkar
 
Attacking and Defending Kubernetes - Nithin Jois
OWASP Hacker Thursday
 
K8 Meetup_ K8s secrets management best practices (Git Guardian).pdf
MichaelOLeary82
 
Why Should Developers Care About Container Security?
All Things Open
 
ATO 2022 - Why should devs care about container security.pdf
Eric Smalling
 
Container Stranger Danger - Why should devs care about container security
Eric Smalling
 

More from Eric Smalling (12)

PDF
KubeHuddle NA 2023 - Why should devs care about container security - Eric Sma...
Eric Smalling
 
PDF
Look Ma' - Building Java and Go based container images without Dockerfiles
Eric Smalling
 
PDF
SCaLE 19x - Eric Smalling - Hardening against Kubernetes Hacks
Eric Smalling
 
PDF
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
Eric Smalling
 
PDF
Python Web Conference 2022 - Why should devs care about container security.pdf
Eric Smalling
 
PDF
AWS live hack: Docker + Snyk Container on AWS
Eric Smalling
 
PDF
AWS live hack: Atlassian + Snyk OSS on AWS
Eric Smalling
 
PDF
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
Eric Smalling
 
PDF
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
Eric Smalling
 
PDF
Best Practices for Developing & Deploying Java Applications with Docker
Eric Smalling
 
PDF
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
PPTX
Simply your Jenkins Projects with Docker Multi-Stage Builds
Eric Smalling
 
KubeHuddle NA 2023 - Why should devs care about container security - Eric Sma...
Eric Smalling
 
Look Ma' - Building Java and Go based container images without Dockerfiles
Eric Smalling
 
SCaLE 19x - Eric Smalling - Hardening against Kubernetes Hacks
Eric Smalling
 
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
Eric Smalling
 
Python Web Conference 2022 - Why should devs care about container security.pdf
Eric Smalling
 
AWS live hack: Docker + Snyk Container on AWS
Eric Smalling
 
AWS live hack: Atlassian + Snyk OSS on AWS
Eric Smalling
 
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
Eric Smalling
 
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
Eric Smalling
 
Best Practices for Developing & Deploying Java Applications with Docker
Eric Smalling
 
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
Simply your Jenkins Projects with Docker Multi-Stage Builds
Eric Smalling
 

Recently uploaded (20)

PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PPTX
ISO 45001 Occupational Health and Safety Management System
EHA Soft Solutions
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PDF
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
PPTX
ManageIQ - Sprint 268 Review - Slide Deck
ManageIQ
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
PDF
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
PDF
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
ISO 45001 Occupational Health and Safety Management System
EHA Soft Solutions
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Introduction to Artificial Intelligence
lohedi9363
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
ManageIQ - Sprint 268 Review - Slide Deck
ManageIQ
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
System and Network Administraation Chapter 3
jaramharo
 
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 

DockerCon 2023 - Live Demo_Hardening Against Kubernetes Hacks.pdf