Loading…
Wednesday, November 20 • 2:25pm - 3:00pm
Piloting Around the Rocks: Avoiding Threats in Kubernetes - Robert Tonic & Stefan Edwards, Trail of Bits

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Over three months in 2019, Trail of Bits completed the first-ever security review of Kubernetes, consisting of source review, dynamic testing, and threat modeling. One artifact, the threat model, lets users understand the risks of any given feature or deployment. We’ll show attendees how to make the most of this invaluable resource.

First, we’ll break down the architecture of Kubernetes into trust zones. These are security boundaries where controls should be enforced. Incorrectly implemented controls can result in catastrophic security failures.

After we describe the trust zones, you’ll find the architectural issues are easy to identify. We’ll discuss a few! We’ll also situate vulnerabilities we found in our code review into each trust zone.

Finally, we’ll teach you how to review your own Kubernetes environment using our threat model to get simple answers to your security questions.

Speakers
avatar for Robert Tonic

Robert Tonic

Security Engineer, Trail of Bits
Robert performs audits and assessments of blockchain and web-related technologies in our assurance practice. He most enjoys client interactions, especially those that help clients uncover deep-rooted design flaws and correctness issues. Prior to joining Trail of Bits, Robert worked... Read More →
SE

Stefan Edwards

Principal Security Engineer, Trail of Bits
Stefan performs assurance work across a variety of verticals, from blockchain to IoT to Defense. In addition, he’s heavily involved in our infrastructure and architecture review work, and makes discerning comments in our reports. Prior to Trail of Bits, Stefan worked at nVisium... Read More →