Thursday, May 2 • 9:40am - 10:40am
A Practical Guide for Securing Kubernetes

The rising adoption of container orchestration tools, such as Kubernetes, has enabled developers to scale cloud applications quickly and efficiently. However, this adoption comes with a new set of security challenges, such as securing the APIs used to manage these ecosystems. Many container orchestration platforms can be set up in a matter of minutes, but hardening and understanding these systems for production use can take much longer. This talk is broken down into three major parts:

Kubernetes Overview: I will give a brief primer on Kubernetes, why it’s so popular, and its major components.

Risks and Threats to Kubernetes: I discuss the many risks and threats to Kubernetes, giving real-world examples. The section is broken into two themes: threats from outside the cluster and threats from within the cluster. I will discuss and demo a research study that uncovered more than 20,000 orchestration management consoles publicly accessible to the Internet. I will also show a similar research study revealing thousands of key-value stores with APIs open to the Internet. I will also discuss major CVEs related to Kubernetes.

Securing Kubernetes: Lastly, I give 10 essential recommendations for securing Kubernetes deployments. These are tied back into the examples in the previous section. I also provide resources to learn more about all items in the talk.

Speakers
James Condon -- Lacework

Director of Research, Lacework
James Condon is Director of Research at Lacework, where he conducts research for cloud security. James is a security veteran with over 10 years of experience in incident response, intelligence analysis, and automated threat detection. Prior to Lacework, James was Director of Threat...



Thursday May 2, 2019 9:40am - 10:40am EDT
212AB