The Attacker Perspective - Insights From Hacking Alibaba Cloud... Hillai Ben-Sasson & Ronen Shustin

Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon Europe in Paris from March 19-22, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at https://kubecon.io

The Attacker Perspective - Insights From Hacking Alibaba Cloud's Managed K8s Environments - Hillai Ben-Sasson & Ronen Shustin, Wiz

In this session, we will demonstrate a real-life case study of what an attack on a managed K8s environment looks like, by presenting our step-by-step engagement with Alibaba Cloud. We will begin as an external user, execute code in the managed environment, escalate privileges, escape containers, conduct lateral movement within the Kubernetes environment, and ultimately gain unauthorized read-write access to other customers' databases.

Our session demonstrates how chaining small configuration errors can lead to far-reaching consequences, such as a complete compromise of a managed cluster.

With a deeper understanding of real-world hacker operations in managed K8s environments, the audience will be able to strengthen their deployments and enhance their organization's security posture.