Review of Hacking and Securing Kubernetes
A tale of learning to hack and secure the world of containers. Course Link: https://theoffensivelabs.com/p/hacking-and-securing-kubernetes-clusters
TLDR; If you're interested to register for the course, check this link.
What's Kubernetes?
Kubernetes is a container orchestration platform that lets you maintain container based applications at scale. It was open-sourced by Google in early 2000's.
Why should I care?
Well, containers are taking over the application developments life cycle's by storm. I can probably take liberty to draw lines from the evolution of smartphones ruining pagers to the current container ecosystem overtaking the traditional development and deployment life-cycle.
Kubernetes reduces cost and increases reliability, flexibility making it a great choice for teams and Security of the environment is of paramount importance as organisations are well aware about the optics of data leakage in the current arena.
So if you're a pentester, it's important to understand the best practices to be followed in a containerized environment.
Intended Audience & Prerequisites?
You'd need to know the basics of containerization and basics of how web applications and routing works. This course is intended for
Developers who want to learn to secure their application environment
Penetration testing teams who want to secure their organisation
Security researchers and consultants who want to secure their clients
Course content
The course content covers everything from basics of setting up a cluster setup to owning the underlying host to laterally moving and compromising master node. One of the best part of the course that fascinated me was the defenses section which had various mechanisms like using seccomp, apparmor, admission controllers and role based access controls (to name a few)..
What was covered?
The following are the exhaustive list of topics that were covered as a part of the course.
Introduction to kubernetes
Common terms and tools of trade for controlling the setup
Vulnerable application based lab setup and verification
Attack surface of kubernetes
Concepts of authentication, authorization, access control inside a cluster
Penetration testing of a cluster setup
Post exploitation and lateral movement techniques
Breaking out of a cluster to own the master node
Various commonly-found mis-configurations in kubernetes setups
Automated VAPT of clusters
Various defenses to secure cluster against the bad guys.
Review
Pros
The course content was really good. The trainer went straight to the point without discussing generic "Why information security" content (meh! I hate it when people do it all the time)
The content was on-par with some reputed internal conference training's and the content was articulated well.
Their support was really awesome. The team was always available through discord to support me through issues in setting up labs and other queries.
Unlike other courses, defenses section for blue teams was also covered exhaustively.
Cons
I wish there were hands-on labs associated with the course, I'd not hesitate to pay few extra bucks for that. However, the walk-through for the hands-on in the videos were quiet sufficient.
Verdict
Last updated