Loading…
BSidesSF 2018 has ended
View analytic
Sunday, April 15 • 4:10pm - 4:40pm
KubeScope for the Extraordinary World of Containers

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Google’s Kubernetes has become the de facto standard for software container orchestration. As development teams have rapidly embraced it, the Kubernetes feature set has exploded and the importance of securing the Kubernetes ecosystem has come into focus. Security teams find themselves scrambling to identify potential threat vectors, establish best practices, and enable DevOps teams to accelerate without compromising their position against attackers.

To address these challenges, we've built KubeScope, a tool that leverages a combination of machine learning and rule-based detection strategies to profile orchestrator behavior. In this talk, we will demonstrate how to use this tool to secure Kubernetes deployments against new and existing exploitation vectors such as malformed input attacks targeting Kubernetes services, DDoS attacks which manipulate individual pods into flooding the orchestrator with traffic, and credential leaks. Perhaps more importantly, we will also demonstrate how our approach to detection enables us to identify adversarial behavior not only with respect to well-known exploitation patterns, but also within the context of novel attack scenarios.

Presenters
TL

Tongbo Luo

Security Engineer, StackRox
Tongbo Luo is a security engineer at StackRox, and was most recently senior principal security researcher at Palo Alto Networks. He obtained his MS and PhD in computer science from Syracuse University in 2014. He is active on docker security, cyber security, IoT security and applied... Read More →
ZX

Zhaoyan Xu

Security Engineer, StackRox
Zhaoyan Xu is a security engineer at StackRox, and was most recently research engineer at Palo Alto Networks, CA, United States. He earned his PhD degree from Texas A&M University, College Station in 2014. His research interests include web security, malware analysis, detection and... Read More →


Sunday April 15, 2018 4:10pm - 4:40pm
City View - Presidio