Yossi Weizman Senior Security Researcher, Microsoft
Yossi Weizman is a Senior Security Researcher in the Cloud Security Research team at Microsoft. He has 10 years of experience in the security research field, starting in the Israeli military. In his current role, Yossi’s main focus is container security. Yossi holds a B.Sc. in Computer Science from Bar-Ilan University.
Discussion: AppSec Block
This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.
Hosted panel discussion and Q&A.
Talk: From the cluster to the cloud and back to the cluster: Lateral movements in Kubernetes
Talks will be streamed on YouTube and Twitch for free.
In this session we will take a deep dive into Kubernetes lateral movements. We will elaborate about the different identity types used by Kubernetes and how attackers use those identities to escalate their privileges in the cluster and move laterally to external cloud resources. We will explain the various cluster-to-cloud authentication methods in the various cloud providers (AKS, EKS and GKE) and the risks that each one poses. We will show real-world examples of misconfigurations that led to cluster takeovers and explain how they could be prevented.