heisenbug Heisenbug 2019 SPb (17.05.2019)

Got a Kubernetes cluster, but not miner on pods? We're coming for you!

img

Anton will share his experience of automating use of the basic cluster protection rules, and also detection and attack techniques.

Kubernetes is a powerful and at the same time complex tool. The question of security is pretty important, so it’s necessary to pay extra attention even to the basic settings.

SEMrush Security Team performed an internal audit, collected the most common mistakes of using clusters in the GKE environment, and researched public clusters. In this talk, Anton will share his experience of automating use of the basic cluster protection rules, and also detection and attack techniques.