https://github.com/stackrox/bsidessf-2020-workshop

Materials for a live workshop at BSidesSF on deployment-level Kubernetes security controls
https://github.com/stackrox/bsidessf-2020-workshop

bsidessf k8s kubernetes security workshop

Last synced: 5 months ago
JSON representation

Materials for a live workshop at BSidesSF on deployment-level Kubernetes security controls

• Host: GitHub
• URL: https://github.com/stackrox/bsidessf-2020-workshop
• Owner: stackrox
• License: apache-2.0
• Created: 2020-02-11T22:03:15.000Z (almost 6 years ago)
• Default Branch: master
• Last Pushed: 2022-05-19T01:12:46.000Z (over 3 years ago)
• Last Synced: 2025-05-06T08:47:37.179Z (9 months ago)
• Topics: bsidessf, k8s, kubernetes, security, workshop
• Language: Go
• Homepage: https://securek8s.dev
• Size: 90.8 KB
• Stars: 36
• Watchers: 4
• Forks: 11
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
This content supports a live workshop at BSidesSF 2020:

"Using Built-in Kubernetes Controls to Secure Your Applications".

The workshop includes some extra introduction and conclusion content,

but centers around these workshop examples.

Each case will typically follow a common structure:

 - **Presenter:** a short introduction on how the control works (2 minutes)

 - **Attendees:** run a deployment with the default configuration

 - **Attendees:** attack the default configuration

      - Note: be clear if this is an out-of-the box default (e.g. no netpols), something particular to one environment (e.g. no CNI provider), or a contrived “mistake” (e.g. cluster admin)

 - **Presenter:** explain what we can do to change the default (1-2 minutes)

 - **Attendees:** apply a patch

 - **Attendees:** repeat attack and be sad (or happy!) it is stopped