Virtual Event
May 4 - May 7
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2021 Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Back To Schedule
Thursday, May 6 • 11:35 - 12:10
The Art of Hiding Yourself - Lorenzo Fontana, Sysdig

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Kubernetes security is an ongoing effort today. In this talk we look at how a hacker would attempt to remain anonymous while compromising a Kubernetes cluster. Seconds after a node or a cluster are compromised, the bad actors start to take measures to make sure their hard work can profit for a while. What do they do? They start hiding their traces. Depending on the attack vector, they will need to hide their traces at multiple levels. They will begin by asking themselves some questions: - Are there are audit log mechanisms? - Kubernetes audit log is enabled? Can I tamper it? - There is deep packet inspection? Can I tamper it? - How to hide processes, containers, tasks to the owners? - There’s any non-conventional place where I can put files? - What about hiding my files in the kubernetes etcd? - How can I hide the network connections I make? In this talk we are going to discuss the broader picture of how the second part of an attack is handled by a bad actor.

avatar for Lorenzo Fontana

Lorenzo Fontana

Senior Software Engineer, Gitpod
Lorenzo Fontana is an Open Source Software Engineer at Sysdig where he primarily works on Falco. He’s passionate about distributed systems, software defined networking, the Linux kernel, containers security and performance analysis.

deck pdf

Thursday May 6, 2021 11:35 - 12:10 CEST
Security Theater