home.social

#kubernetessecurity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #kubernetessecurity, aggregated by home.social.

  1. Making Sense of Kubernetes Initial Access Vectors

    - Part 1: www.wiz.io/blog/making-sense-of-kubernetes-initial-access-vectors-part-1-control-plane

    - Part 2: wiz.io/blog/kubernetes-data-pl

    #kubernetes #k8s #KubernetesSecurity

  2. Adversary Village at DEFCON 32 Workshop,
    Julien Terriac (Adversary Simulation Engineer at datadog) will be giving a workshop on, “Hands-on Kubernetes security with KubeHound(Purple Teaming)”.
    Workshop schedule: 12:00-14:00 PDT, Aug 10th 2024 at Adversary Village Workshop Stage, Las Vegas Convention Center.
    More information on the Workshop: adversaryvillage.org/adversary

    Schedule for Adversary Village at DEF CON 32: adversaryvillage.org/adversary
    Join our Discord server: adversaryvillage.org/discord

    #AdversaryVillage #DEFCON #WeEngage #DEFCON32 #AdversaryTactics #adversaryemulation #Kubernetessecurity #purpleteaming #Kubehound

  3. Does anyone have good links for where I can learn a bit more about egress proxies? Particularly for Kubernetes?

    Use-case: I need to request a lot of potentially large media from servers outside of my control (one's that exist on the fediverse), and I'd like to do this as safely as possible, without exposing anything internal to my network/cluster.

    #DevOps #SRE #kubernetes #KubernetesSecurity #DevSecOps

  4. Appsecco published a two-part blog series on vulnerabilities they usually identify during Kubernetes Penetration Tests:

    - A Pentester’s Approach to Kubernetes Security — Part 1: blog.appsecco.com/a-pentesters

    - A Pentester’s Approach to Kubernetes Security — Part 2: blog.appsecco.com/a-pentesters

    #kubernetes #KubernetesSecurity

  5. Answer from the devs: api-server responds to TokenRequests (the preferred way of generating tokens since 1.24) while the controller-manger mints tokens in the previous style (Secret API Objects) which can still be done manually. #kubernetes #kubernetessecurity #k8s

  6. 🔥Hot off the press🔥"k8s Operator, Could You Help Me Place SysCall?" #newsletter

    This week we look at Custom #Seccomp Profiles (CSP) and #Security Profiles Operator (SPO), and future #WebAssembly (#Wasm) #k8s #operators.

    #kubernetes #kubernetessecurity #ebpf #grpc

    fudge.org/archive/k8s-operator