Abstract of the talk…
Kubernetes is a powerful set of abstractions, but it's flexibility and configurability means it's pretty insecure by default. In this hands on talk, I'll show how an attacker can expand the blast radius of an exploit from a vulnerable web application in a container to owning the entire cluster. I'll also cover some ways in which you can prevent this happening to you !
Bio…
Matt Jarvis is a Senior Developer Advocate at Snyk. Matt has spent more than 15 years building products and services around open source software, on everything from embedded devices to large scale distributed systems. Most recently he has been focused on the open cloud infrastructure space, and in emerging patterns for cloud native applications. Matt is a regular speaker at conferences across the world, including Open Infrastructure Summit, FOSDEM and All Things Open, a past winner of the OpenStack Outstanding Community Contributor award, and in 2021 was named one of the Top 100 influencers in Open Technologies in the UK. Matt is also a board director of OpenUK, and the founder of Cloud Native Manchester and Cloud Natives UK.
Key take-aways from the talk…
Kubernetes security considerations
