DeveloperWeek Europe 2021 DeveloperWeek Europe 2021
Get your ticket or log in to build your agenda.

Who Else Is in Your Pod? - an Attacker's Approach to Container and Kubernetes Security

Workshop Stage 1
Join on Hopin

Riyaz Walikar
Kloudle, Co-founder

Riyaz Walikar is a Co-Founder at Kloudle, a Kubernetes and Container Security monitoring and insights company. He and his team primarily work with container orchestration tools and focus on Cloud Native Infrastructure security, attacker focused research and cluster compliance methodologies. With over a decade of experience in the security industry, Riyaz has worked across multiple technologies and environments in the areas of web, cloud, wireless and in the last couple of years, in the container orchestration security space.

Riyaz is a CKA, OSCP and CREST certified cloud native and kubernetes security evangelist and has also been a speaker/trainer at multiple hacker conferences around the world including BlackHat, DefCON, OWASP AppsecUSA, nullcon and c0c0n.

His primary passion includes enabling security education, imparting best practice learning, verifying and providing security guidance to peers, colleagues and customers alike in the areas of Kubernetes, container and Cloud Native security.

Attacker's use one of three things to exploit and gain access to protected systems. The lack of (or misconfiguration) of security controls, vulnerabilities in the infrastructure and code itself or social engineering techniques to obtain information that can be used to gain access.

In this talk, we shall see, using demos, various techniques and tactics that attacker's use to gain access to Kubernetes environments and map them to the Kubernetes MITRE ATT&CK framework.

The talk will contain the journey of how an attacker moves from gathering information and obtaining initial access to planting backdoors, evading defenses, escalating privileges and eventually causing an impact on the infrastructure.