COMMSEC: Kubernetes Security Detection Engineering – Mapping Back to MITRE ATT&CK Matrix

Date

April 21, 2023

Time

16:30

Track

CommSec Track


Kubernetes has become a de facto way of running containerized workloads, from startups to enterprises and governments. However, like most modern technology, it is not mature, especially with regard to security. Given its immutable nature and the fact that things happen in a matter of seconds, security detection and incident response are very hard to perform.
In this talk we will focus on the MITRE ATT&CK matrix for Kubernetes, showcasing what can go wrong in different phases of running container workloads, and then map back to what we should observe, collect, analyze, monitor, alert on, and respond to. We will showcase all the possible mappings of the matrix to detection engineering. We will also cover some interesting real-world examples of hacks, known vulnerabilities, and misconfigurations, and show how we simulate these attacks in a controlled environment using the Kubernetes Goat project.

Speakers

Creator

Kubernetes Goat
