About the Webinar
Kubernetes, a container-orchestration open-source system that is utilized for automating the deployment of computer application, management, and scaling. Initially designed by Google, this system is now maintained by the Cloud Native Computing Foundation that zeros down to giving an "automation deployment platform, operating containers of applications across a bunch of hosts and scaling".
Regularly utilized as a form of hosting the microservice-based implementation, as Kubernetes and its linked systems of tools offer all the abilities required to pay heed to major concerns of any architecture of microservice.
Key Takeaways
- Attack Process of Kubernetes
An's aggressor will likely stay undetected and work in where no one looks. Attacking Kubernetes bunches by mishandling their organization module highlights permits an aggressor to remain under-the-radar more often than not. Regardless of whatever we discuss, seeing how the framework works is the (just) approach to appropriately make sure about it.
- External Attack Enumeration Process
The enumeration in data security is the way toward erasing client names, machine names, network assets, and different administrations from a framework. All the assembled data is utilized to recognize the weaknesses or feeble focuses in framework security and afterward attempts to misuse it.
- Port Scanning
Port Scanning is perhaps the most well-known methods that hackers use to find administrations, which can misuse and abuse the frameworks. All the frameworks associated with the LAN or getting to arrange by means of a modem that runs services that tune in to notable ports.By utilizing port scanning, we can investigate data, for example, What administrations are running, what clients own those administrations, if unknown login is upheld, regardless of whether certain organization administrations require validation and other related subtleties.
- RBAC Configuration
RBAC Role-Based Access Control is a technique for controlling admittance to a network or PC assets dependent on the jobs of individual clients inside your association.Since the Kubernetes version 1.6 onwards, RBAC strategies are by default empowered. RBAC approaches or policies are fundamental for the right administration of your cluster, as they permit you to determine which sorts of activities are allowed relying upon the client and their job in your association.
Checking Access
A Secret is a subject that contains a modest quantity of critical information, for example, a key, a secret key, or a token. Such data may somehow or another be placed in an image or a Pod specification. Clients can make Secrets and the framework likewise makes a few Secrets. Kubernetes Secrets allows one to store and oversee critical data, for example, ssh keys, passwords, and OAuth tokens. Putting away classified data in a Secret is more secure and more adaptable than putting it verbatim in an image container or a Pod definition.
When you have a running Kubernetes cluster, you can convey or deploy your containerized applications on top of it. In order to do so, a Kubernetes Deployment configuration needs to be created. The Deployment trains Kubernetes on how to make and upgrade examples of your application. Whenever a Deployment is created, the Kubernetes Master schedules the application occasions remembered for that Deployment to run on individual Nodes within the cluster.
Tools Used
Kubernetes audit gives a security-applicable, sequential arrangement of records archiving the grouping of activities within a cluster. The cluster audits the exercises produced by the clients, by applications that utilize the control plane, and the Kubernetes API itself.
Kube Bench is an open-source Go application that runs the CIS Kubernetes Benchmark tests on your cluster to guarantee that it meets the CIS rules for security.
Kube-Hunter is an open-source instrument or tool that chases for security issues in your Kubernetes clusters.It's intended to expand mindfulness and permeability of the security controls in Kubernetes conditions
Who can attend?
This webinar is designed for security professionals, network administrators, CIOs, CTOs, and CISOs. Both technology management professionals and mid-level IT professionals will gain more insights on
- Introduction to Kubernetes
- The attack procedures of Kubernetes
- Role-Based Access Control misconfigurations
- Port Scanning and enumeration...and much more
About Securelayer7
SecureLayer7 is a cybersecurity solution provider with the vision of securing digital businesses using our world-class security expert team. Our experts uncover the security issues in a different area of digital businesses with cost-effective and quality-controlled services.
SecureLayer7 is CERT-in accredited cybersecurity company and certified security consultants, we consult business of all size across the United States of America, Europe, UK, Middle-east, and East Asia in both public and private companies. Unlike most cybersecurity firms, SecureLayer7 combines the best in-house developed automated solutions with an extensive manual security testing methodology based on multiple industry-tested and case-specific solutions.
Speakers profile
When the world relies on technology for every aspect of life, safety in the virtual world becomes quintessential. As a security consultant at SecureLayer7, Dhiyanesh makes sure that you stay safe from all the prying eyes in the virtual world. Being a techie by heart, he dexterously tracks exploitable vulnerabilities & removes risks to ensure your systems are safe. Dhiyanesh's subjects of prowess include Experience in Active Directory Exploitation, Network, Web and Mobile, API, Kubernetis Vulnerability Assessment and Penetration Testing.