Elliot Speck
[Sense Of Security]
Elliot's personal areas of research and expertise lie in cloud computing and containerised architectures, social engineering, and systems security, but he also performs extensive work with web applications, industrial control systems, and network infrastructure.

He has a strong background in BSD, Linux, macOS, and Windows system administration in both a server and endpoint capacity.

Elliot spends a good deal of his free time working on making things perform varying degrees of undefined behaviour for his own amusement. He currently works for Sense of Security, a specialist information security firm in Australia under the CyberCX banner.

Orchestrated Containers and How to Hack Them

Technical Level (3 being the highest score): 3

Kubernetes dropped into the scene in 2014 as a gift from Google, promising to help simplify the dev/ops workflow by moving to immutable, idempotent infrastructure-as-code setups. It's seen rapid adoption in the last couple of years with managed offerings from Amazon AWS, Microsoft Azure, and Google GCP.

Unfortunately, this world of containers comes with a false sense of security and many of the defaults for Kubernetes leave your environments wide open to attack.

Confusing documentation, insecure defaults, and overall ecosystem immaturity lead to drastic gaps in environmental security and monitoring, reducing your organisation's capacity to detect, prevent, and respond to a malicious actor attacking your containerised assets - a situation that has been capitalised on by managed security vendors charging tens of thousands of dollars for domain experience that never trickles down into the core of your deployment strategies.

Luckily, with a few simple pointers the sky will no longer be falling.

This presentation focuses on attack paths we take, and points of interest we look at, when performing orchestrated containerised environment security reviews.

It looks at common mistakes and low-hanging fruit in network configurations and authorisation policies, as well as supplemental configurations and automated policy enforcement to harden your environment and raise the bar.
