2-DAY TRAINING 3 – From Zero to Hero: Pentesting and Securitization of Docker Swarm & Kubernetes Environments
THIS CLASS IS NOW BEING HELD ONLINE FOLLOWING SINGAPORE TIMEZONE (CET +6)
DURATION: 2 DAYS
CAPACITY: 15 pax
SEATS AVAILABLE: REGISTRATION CLOSED
This training is designed for RedTeam and BlueTeam professionals who are looking for practical applied security knowledge on containerisation and orchestration from an offensive and defensive point of view. Black Box, Grey Box and White Box analysis are covered on Docker, Docker Swarm and Kubernetes.
From the offensive side, attack techniques related to containers/pods compromising, exploitation, networking abuses, privileges escalation, persistence, lateral movement and node takeover among others will be explained.
On the defensive side, common security issues and a secure way of building docker images and YML deployment files for Swarm and Kubernetes will be analyzed, the right implementation of RBAC access management will be explained, and vulnerability scanners on files and CI/CD pipelines will be presented with other best practices
Key Learning Objectives
Understanding of how Docker, Swarm and Kubernetes work from local to productive environments.
Black, grey and white box analysis of Docker, Swarm and Kubernetes with applied offensive techniques.
Docker Swarm and Kubernetes securitization.
Who Should Attend
Offensive security professionals
Cloud security professionals
Anyone interested in learning more about common issues over containerisation, containers orchestrators and their security concerns
Linux basics (including bash and filesystems)
Pentesting experience (not required)
Hardware / Software Requirements
Laptop with at least 8GB RAM and 40GB free disk space
Admin/Root access on your laptop
Agenda – Day 1:
Docker Black Box Analysis:
Are we inside a container? Recognizing container environments
Container introspection: named/bind volumes, sensitive data, network configuration and more
Do we have container neighbors? Scanning docker networks
Abusing docker networks defaults
Pivoting: compromising the whole docker environment