Securing Secrets in K8s Environments - Rahul Jadhav, AccuKnox
![CNCF [Cloud Native Computing Foundation]](https://api.seevid.ir/img/avatar/v1/txe66EjpkDQQlx_4jDV0yA0PPsww0rqQrFhMpDqagLWN2-EUBBO65IuIyy5tEFVmpI4_RRduzXc=s176-c-k-c0x00ffffff-no-rw)
376 بار بازدید -
7 ماه پیش
-
Don't miss out! Join us
Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon Europe in Paris from March 19-22, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at https://kubecon.io
Securing Secrets in K8s Environments - Rahul Jadhav, AccuKnox
Every org has to deal with credential management; be it DB creds needed by microservices or access tokens. The first thing that is usually done in the context is to get a secrets management tool such as Hashicorp Vault or CyberArk Conjur. Ransomware attackers target these tools especially those deployed onprem. The session will talk about the holistic threat models around using such tools and how to harden such secrets management tools. Threat models would include how secrets are injected in the target workloads and possibilities of secret leakages. How the attackers can target the persistent volume where the secrets are stored? The session will provide insights into how secrets are served and the attack points for the attackers. Real world threat vectors would be provided and a demo would be provided as to how attacker can gain access to the secrets and possible security solutions considering Hashicorp Vault. The session will only talk from Kubernetes security perspective.
Securing Secrets in K8s Environments - Rahul Jadhav, AccuKnox
Every org has to deal with credential management; be it DB creds needed by microservices or access tokens. The first thing that is usually done in the context is to get a secrets management tool such as Hashicorp Vault or CyberArk Conjur. Ransomware attackers target these tools especially those deployed onprem. The session will talk about the holistic threat models around using such tools and how to harden such secrets management tools. Threat models would include how secrets are injected in the target workloads and possibilities of secret leakages. How the attackers can target the persistent volume where the secrets are stored? The session will provide insights into how secrets are served and the attack points for the attackers. Real world threat vectors would be provided and a demo would be provided as to how attacker can gain access to the secrets and possible security solutions considering Hashicorp Vault. The session will only talk from Kubernetes security perspective.
7 ماه پیش
در تاریخ 1402/09/27 منتشر شده
است.
376
بـار بازدید شده