Abusing and Protecting Kubernetes, Linux and Containers
Learn how to attack and defend Kubernetes, Linux and containers from Jay Beale, the creator of Bastille Linux and two Kubernetes security tools: the Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully hands-on course, you'll get a laptop to keep, filled with capture-the-flag (CTF) machines, Kubernetes clusters, and containers, which you will attack and defend. You’ll also get access to our cloud environment, allowing you to attack cloud-based Kubernetes clusters.
Every single topic in the class has an attack exercise, where you use Kali Linux to compromise a system or a Kubernetes cluster scenario. Most have a matching defense exercise, where you will use new skills to break that attack, confident that it will break other attacks.
This Kubernetes, Linux, and Containers training focuses on giving you practical attack skills from real penetration tests, coupled with solid defenses to break attacks.
We will cover each of the following, with exercises in both attack and defense:
Cloud Native Attack and Defense
Attacking Public Cloud Services (AWS and GCP)
Advanced Privilege Escalation, including via Linux Capabilities and Namespaces
Network, Server and Web Application Attacks
Privilege Escalation, including container breakout
Container Breakout and Kubernetes Node Attacks
Container Profile Enforcement with AppArmor, Syscall, and Capability Restriction
Monitoring and Active Response
Ingresses with ModSecurity WAF functionality
Web server and proxy hardening, including Nginx
Server Application Attack and Defense, including NoSQL databases
Docker/Container Run-time Attack and Defense
Kubernetes Cluster Attacks
Defeating and Defending Multi-tenant Clusters
Kubernetes RBAC – Attack and Defense
Attack and Assessment tools: Peirates, kube-hunter and kube-bench
Kubernetes Secrets Abuse and Protection – Attack and Defense
Kubernetes Network Segmentation and Service Meshes
Kubernetes Admission Control: Kyverno, OPA Gatekeeper, etc.
Attacking Public Cloud Environments to Compromise Kubernetes
The class will also have a separate bonus section on SELinux.