Webinar
Cybersecurity CISO: All there is to know about Kubernetes Pentest

Key Takeaways

• Attack Process of Kubernetes

An's aggressor will likely stay undetected and work in where no one looks. Attacking Kubernetes bunches by mishandling their organization module highlights permits an aggressor to remain under-the-radar more often than not. Regardless of whatever we discuss, seeing how the framework works is the (just) approach to appropriately make sure about it.

• External Attack Enumeration Process

The enumeration in data security is the way toward erasing client names, machine names, network assets, and different administrations from a framework. All the assembled data is utilized to recognize the weaknesses or feeble focuses in framework security and afterward attempts to misuse it.

• Port Scanning

Port Scanning is perhaps the most well-known methods that hackers use to find administrations, which can misuse and abuse the frameworks. All the frameworks associated with the LAN or getting to arrange by means of a modem that runs services that tune in to notable ports.By utilizing port scanning, we can investigate data, for example, What administrations are running, what clients own those administrations, if unknown login is upheld, regardless of whether certain organization administrations require validation and other related subtleties.

• RBAC Configuration

RBAC Role-Based Access Control is a technique for controlling admittance to a network or PC assets dependent on the jobs of individual clients inside your association.Since the Kubernetes version 1.6 onwards, RBAC strategies are by default empowered. RBAC approaches or policies are fundamental for the right administration of your cluster, as they permit you to determine which sorts of activities are allowed relying upon the client and their job in your association.

Checking Access

A Secret is a subject that contains a modest quantity of critical information, for example, a key, a secret key, or a token. Such data may somehow or another be placed in an image or a Pod specification. Clients can make Secrets and the framework likewise makes a few Secrets. Kubernetes Secrets allows one to store and oversee critical data, for example, ssh keys, passwords, and OAuth tokens. Putting away classified data in a Secret is more secure and more adaptable than putting it verbatim in an image container or a Pod definition.

When you have a running Kubernetes cluster, you can convey or deploy your containerized applications on top of it. In order to do so, a Kubernetes Deployment configuration needs to be created. The Deployment trains Kubernetes on how to make and upgrade examples of your application. Whenever a Deployment is created, the Kubernetes Master schedules the application occasions remembered for that Deployment to run on individual Nodes within the cluster.

Tools Used

Kubernetes audit gives a security-applicable, sequential arrangement of records archiving the grouping of activities within a cluster. The cluster audits the exercises produced by the clients, by applications that utilize the control plane, and the Kubernetes API itself.

Kube Bench is an open-source Go application that runs the CIS Kubernetes Benchmark tests on your cluster to guarantee that it meets the CIS rules for security.

Kube-Hunter is an open-source instrument or tool that chases for security issues in your Kubernetes clusters.It's intended to expand mindfulness and permeability of the security controls in Kubernetes conditions

Who can attend?

This webinar is designed for security professionals, network administrators, CIOs, CTOs, and CISOs. Both technology management professionals and mid-level IT professionals will gain more insights on

• Introduction to Kubernetes
• The attack procedures of Kubernetes
• Role-Based Access Control misconfigurations
• Port Scanning and enumeration...and much more