ATTACKING AND DEFENDING CONTAINERS, KUBERNETES AND SERVERLESS

Overview

With Organizations rapidly moving towards micro-service style architecture for their applications, container and serverless technology seem to be taking over at a rapid rate. Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications. Serverless and Orchestration technologies like Kubernetes help scale such deployments to a massive scale which can potentially increase the overall attack-surface to a massive extent, if security is not given the attention required.

Security continues to remain a key challenge that both Organizations and Security practitioners face with containerized and, serverless deployments. While container orchestrated deployments may be vulnerable to security threats that plague any typical application deployments, they face specific security threats related to the containerization daemon, shared kernel, shared resources, secret management, insecure configurations, role management issues and many more!

Serverless deployments, on the other hand face risks such as insecure serverless deployment configurations, Inadequate function monitoring and logging, Broken authentication, Function event data injection & Insecure application secrets storage. Attacking an infrastructure or Applications leveraging containers and serverless technology requires specific skill-set and a deep understanding of the underlying architecture.



After this training, attendees will know:


  • Attacking and Securing Applications leveraging containers and, serverless technology requires specific skill set with a deep understanding of their underlying architecture that attendees will be able to understand.

  • This course is aimed at Developers, DevOps Engineers, Penetration Testers and Security practitioners who plan to use container or serverless technology as part of their product deployments and want to get a good understanding on how to secure their services and deployments.

  • Training will be extremely hands-on with exercises that are similar to real-world threat scenarios that the attendees will understand and take part in. This will help them understand all there is to attack and secure containerized and, serverless applications.

  • On completion, attendees will also understand ways attack and securely deploy on Container Orchestration technology like Kubernetes and on Serverless.


Laptop requirements

  • Intel i5 and above preferred, 64bit Operating System (32 bit will NOT work), 8GB+ RAM preferred. Netbooks WON’T work.

  • Working WiFi adapter with ability to connect to third party wireless networks.


Lab  requirements


  • We have created cloud labs for all the exercises and labs of the program to work. You will need a terminal program to SSH into the remote lab environments. These programs should work fine: Mac OSX => ITerm2 or Terminal (no need to install), Windows => Putty or Cygwin, Linux => Terminal (no need to install anything else).

  • Since AppSecCali doesn't provide Wi-Fi , we are carrying our WiFi for the labs. Nevertheless, as a backup, we are still carrying VMs for the lab environments that we will be running. Please download and install the latest version of Oracle VM VirtualBox (https://www.virtualbox.org/). We have prepped the images to run in VirtualBox 6.0 (latest).

  • In the event the Wi-Fi is unreliable, we will be carrying USB flash drives with the VMs which you can use to run the labs. You will need to have cables/adapters to copy from USB flash drives to your laptop. You will also need the requisite permissions and privileges to copy and install software on your laptop. Please be sure of this before you come in for the class, as we will not be able to help you with this in class.

  • If you are running VMs on a Mac, it's typically problem-free. However, if you are running Windows Host OS, you will need to check the following:

  • 50GB free space on HDD for VM(s)





English

3 days

8, 9, 10 June

TBC

Cost

Early bird (Until March 31st)

CONSULTAS

Escribinos a capacitacion@ekoparty.org


Instructor


Abhay Bhargav

 

Abhay Bhargav is the Founder of we45, a focused Application Security Company. Abhay is a builder and breaker of applications. He is the Chief Architect of "Orchestron", a leading Application Vulnerability Correlation and Orchestration Framework. He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world's first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to his work in Application Security Automation, he has created "ThreatPlaybook", a unique open-source framework that marries Threat-Modeling (as-Code) with Application Security Automation.
ThreatPlaybook has been featured in several industry events and been recently featured in BlackHat USA 2018's Arsenal event. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, namely Containers, Orchestration and Serverless Architectures. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan) and so on.

He's also an author and trainer on Pluralsight. He writes on IT and IT Security-focused areas in his blog. Abhay is the author of two international publications "Secure Java: For Web Application Development" and "PCI Compliance: A Definitive Guide".