Kubernetes Security Controls

Here is a summary of Kubernetes Security Controls.

Background

Threat Modeling

Docker containers are not a security boundary
RCE in application running in a container (We want to limit the damage)
Restrict isolated attacker on the network as much as possible (Principle of least privilege)

Concerns

Want to avoid limiting

Learn More

Recent posts

Kubernetes Security Tools

This post lists out popular K8s security tools. The list will be updated regularly.

Full Story

Kubernetes Security Controls

Here is a summary of Kubernetes Security Controls.

Full Story

CaliSec won Splunk Boss of the SOC Day 2019 (San Jose)

Calisec Team won Splunk Boss of the SOC (BOTS) Day 2019 (San Jose)...

Full Story

Code Cave

To modify a Windows EXE file and save an altered version containing Trojan code in a new PE section without breaking the program.

Full Story

SLAE Challenge 7: Custom Crypter

- Create a custom crypter like the one shown in the “crypters” video - Free to use any exisSng encrypSon schema - Can use any programming language

Full Story

SLAE Challenge 6: Polymorphism

- Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat paLern matching - The polymorphic versions cannot be larger 150% of the exisSng shellcode - Bonus points for making it shorter in length than original

Full Story