Hackers of India

Demystifying the State of Kubernetes Cluster Security - The Cloud Native Way

By  Vasant Kumar   Rupali Dash  on 06 May 2021 @ Blackhat : Arsenal

This Tool Demo covers following tools where the speaker has contributed or authored
KUBESTRIKER

Abstract

Website
Attackers always get better with new attack techniques, so our threat modelling and defense mechanisms needs to level up.

The security of the Kubernetes cluster, of course, cannot be achieved in a single process. There are many moving parts within the Kubernetes cluster that must be properly secured.

Kube-striker performs numerous in depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops/developers are likely to encounter when using Kubernetes.

Kube-striker is Platform agnostic and works equally well across more than one platform such as self hosted kubernetes, EKS, AKS, GKE etc.