BSidesSF 2019 has ended
Monday, March 4 • 4:10pm - 4:40pm
All Your Containers Are Belong to Us

The rising adoption of container orchestration tools, such as Kubernetes, has enabled developers to scale cloud applications quickly and efficiently. However, this adoption comes with a new set of security challenges, such as securing the APIs used to manage these ecosystems. We recently conducted a research study that uncovered more than 20,000 publicly accessible management nodes open to the Internet. In this talk we will discuss the implications of the findings and provide recommendations for running orchestration systems securely in the public cloud.

The following platforms are exposed and part of the research: Kubernetes, Mesos Marathon, Red Hat OpenShift, Docker Swarm, and Portainer (Docker Management). Not only are these management UIs available on the web, but we also discovered that their APIs are available as well. Some are wide open. We will uncover how we did this research, which cloud provider is the most popular for hosting the containers, which regions are most popular, and show demonstrations of exploitation and discovery.

James Condon

Director of Research, Lacework
James Condon is Director of Research at Lacework. James is a security veteran with over 10 years of experience in incident response, intelligence analysis, and automated threat detection. James was previously Director of Threat Research at ProtectWise (acquired by Verizon), an Incident...

Monday March 4, 2019 4:10pm - 4:40pm PST