In this KubeFM episode, Yakir and Assaf from Aqua Security explore how a robust Kubernetes secrets strategy is necessary to prevent leaks and maintain a strong security posture.
You will learn:
- How Kubernetes secrets are leaked, and what tools you can use to prevent that (Hint: Yakir and Assaf suggested using more than one.)
- How shadow IT is a more significant threat than you might think and why companies should monitor personal GitHub repositories.
- What happens when a secret is leaked and how attackers exploit your resources (or further gain access to more).
Watch (or listen to) it here: https://lnkd.in/gAmW-nxZ
🙏 Many thanks to Isovalent for supporting our work and sponsoring this episode. Make sure to watch the top Kubernetes security use cases that Tetragon and eBPF cover for platform teams https://lnkd.in/gZRu-pyC
With 🎙Bart "The vivacious riddler" Farrell
KubeFM’s Post
More Relevant Posts
🚨 Exposed Kubernetes secrets are a ticking supply chain attack bomb! Yakir Kadkoda and Assaf Morag break down this critical issue on KubeFM, offering insights on how to stay secure. Check out the full conversation here ⤵️ https://lnkd.in/gAmW-nxZ #AquaNautilus #ThreatResearch #Kubernetes
❗️How can an attacker maintain persistence in a Kubernetes environment once they have gotten in? ❗️ We spoke to Magno Logan about different persistence tactics in Kubernetes.
🎯 Persistence Tactics Explored
Pod Deployment: There are nuances of deploying pods, particularly privileged ones, to gain persistence.
RBAC Challenges: There are several intricacies of Role-Based Access Control, and getting it right is both crucial and complex.
🔍 Beyond the Basics
Secrets in the Cluster: We uncover the hidden risks and what lurks within the secrets of your Kubernetes cluster.
Escaping the Cluster: Learn about the potential vulnerabilities that could allow attackers to escape the cluster environment.
If you are interested in Kubernetes security, Magno had some great things to share on this episode; we have linked the full episode in the comments below. #kubernetessecurity #cloudnativesecurity #cloudsecurity
This evening Dr. Damian Igbe and Aly Ibrahim led a discussion of "The state of Kubernetes security report 2024 edition" Red Hat® report.
Notes/Excerpts:
1) Container base images can be a source of vulnerabilities. In most production environments you have your own private registry, but if that is not the case you rely on the external registry to perform scanning/CVEs.
2) "Nearly 9 in 10 organizations had at least 1 container or Kubernetes security incident in the last 12 months."
3) "42% of respondents believe that their company does not sufficiently invest in container security or address related threats"
Check out the very welcoming and open meetup group: https://lnkd.in/dzKDJx_f
🌟 Excited to embark on the next phase of my cybersecurity journey with the PJWT course from TCM Security!
🎯 Having fun revisiting and reinforcing what I know:
🕸️ Understanding Web Application Architecture and core principles of Web Security, including the critical OWASP Top 10.
🛠️ Strategies and tools essential for Bug Bounty Hunting vs. Penetration Testing, with a focus on the Burp Suite.
🚀 Advancing my techniques in evasion, WAF bypassing, and honing my ability to write reports.
🧭 Embracing an ethical approach to cybersecurity and navigating legal frameworks.
Ready to validate my skills with the upcoming certification! 🎯 #WebSecurity #PJWT #BugBounty #EthicalHacking #TCMSecurity
We often struggle with supply chain attacks, and as security professionals we are also grasping GitOps, but it has not been very easy to map this with threat blueprints and understand which action of Git should be under radar until now. Kudos to the awesome research by John Stawinski and Adnan Khan. You can check out the common attack paths for identifying GitHub Actions with their vulnerabilities.
GitHub Repo: https://lnkd.in/gfnqjiGE
Slides from DefCon: https://lnkd.in/gHGsPgeZ
Slides from Blackhat: https://lnkd.in/gCg7nq6v
Let's Talk About Automated Red Teaming in Kubernetes Security: New blog alert 👁
#Gartner recently released a new report titled "How to Self-Assess Your Kubernetes Maturity." This report joins four others this year, all addressing the growing pains of Kubernetes.
Some of the growing pains we’ve identified at KTrust include:
- Automating your K8s security tasks
- Continuously maintaining security
Check out our latest blog on automated red teaming in Kubernetes security and why we believe it’s the new way to identify vulnerabilities before real attackers can exploit them.
Read the full blog here: https://shorturl.at/u0VFZ #kubernetessecurity #automatedredteam
KTrust's latest blog discusses automated red teaming in Kubernetes security as a proactive method to identify vulnerabilities, amidst growing challenges in automating and maintaining K8s security, highlighted in Gartner's new report on Kubernetes maturity. #awzvelocityhub
𝗛𝗔𝗖𝗞𝗘𝗥𝗦 𝗔𝗧 𝗧𝗛𝗘 𝗞𝗨𝗕𝗘𝗥𝗡𝗘𝗧𝗘𝗦 𝗚𝗔𝗧𝗘?! 🚫 Your Kubernetes Ingress Controller acts as a gateway, directing traffic to the right services within your cluster. It's powerful, allowing for complex routing and security features, but this exposure to external traffic makes it a prime target for attackers. Unlike most internal Kubernetes components, the Ingress Controller faces the outside world. This position offers both advantages (sophisticated routing) and vulnerabilities (potential exploits). Understanding these vulnerabilities is fundamental to securing your clusters. KTrust takes a proactive approach to #Kubernetes #security by continuously mimicking real-world attacker methods. We leverage our research on exploiting #vulnerabilities and weaknesses specific to Kubernetes environments to identify and address security gaps before they can be exploited.
Discover Kodem's Attack Path Analysis 💥 Sophisticated attacks rarely rely on a single vulnerability. Instead, they unfold as a sequence of exploits, each paving the way for the next. This interconnected chain of vulnerabilities and exploits forms an attack path. Learn more >> >> https://hubs.la/Q02MD5qp0 By mapping out these paths, security teams can better anticipate potential threats and take proactive measures to mitigate them. This approach goes beyond merely addressing individual vulnerabilities and instead focuses on the bigger picture, allowing for a more comprehensive security strategy. At Kodem, we understand the importance of seeing the full attack landscape. Our Attack Path Analysis tool provides deep insights into how an attacker might navigate through your system, revealing critical points of vulnerability that need attention. #github #googlecloud #databreach
If you haven't yet checked out this whitepaper, here's your opportunity... Insights to the real-world positive impact on SecOps via MSFT Copilot for Security.