CNCF Jerusalem presents: How vulnerable is your Kubernetes?

Name: CNCF Jerusalem presents: How vulnerable is your Kubernetes?
Start: 2022-05-10T17:00:00+03:00
End: 2022-05-10T19:30:00+03:00
Location: WeWork King George, Jerusalem

Cloud Native Jerusalem

May 10, 2022, 2:00 – 4:30 PM (UTC)

In-person event

About this event

Vulernabiltiles are one of the biggest security concerns of any K8s user and admin.
in a recent research done by ARMO's Kubescape team on more than 10k K8s clusters scanned, it was found that 63% of the containers had one or more vulnerabilities and 46% of containers had one or more critical vulnerabilities 
In the meetup, we will dive into Kubernetes vulnerabilities, how to detect them and how to fix them, quickly. 
We have an amazing line of speakers
Zain Asgar GVP/GM of Pixie at New Relic, and Omid Azizi, Senior Principal Software Engineer of Pixie at New Relic.
Rory McCrune, Cloud Native Security advocate at Aqua
Ben Hirschberg, VP R&D at ARMO
And there will be time for networking together with Jerusalem's beer, Jerusalem-style Pizza, and the famous knafeh. 
Cool Swag will be handed out to participants.

Speakers

Rory McCune

Datadog

Senior Security Advocate

Zain Asgar

NewRelic

GM of Pixie & New Relic Open Source

Omid Azizi

Pixie

Founding Software Engineer

Ben Hirschberg

ARMO

VP R&D

When

Tuesday, May 10, 2022
2:00 PM – 4:30 PM (UTC)

Where

WeWork King George, Jerusalem
20 King George st
Jerusalem, 96429

Agenda

2:00 PM	Meet and Greet
2:30 PM	Detecting Data Exfiltration on the Edge with Pixie	Detecting data exfiltration in your Kubernetes cluster is important but hard. Capturing the right data, especially encrypted data, in order to perform the analysis can be a hassle. Additionally, it can be a non-starter to export sensitive requests outside of the cluster to perform this analysis. In this talk, you’ll learn how Pixie (an open source, CNCF sandbox project), can be applied to attack this problem. Pixie’s auto-telemetry, in-cluster edge compute, and scriptability make it a powerful tool for anyone looking to identify data exfiltration attacks in their cluster. We’ll show a demo which will also be open source for attendees to reference later. Speakers: Zain Asgarת GVP/GM of Pixie at New Relic, and Omid Azizi, Senior Principal Software Engineer of Pixie at New Relic.
3:00 PM	A review of this year's Container breakout vulnerabilities (so far)	Container breakout vulnerabilities seem to come and go in waves and after a long time of every breakout demo using DirtyCOW and WaitID, we now have a new wave of vulnerabilities to look at. There are a variety of issues including vulnerabilities in the Linux kernel, ContainerD and CRI-O. This talk will look at these issues, what mitigations will (and won't) work and how they can be detected and blocked in Kubernetes clusters. Speaker: Rory McCrune, Cloud Native Security advocate at Aqua
3:30 PM	Detecting a new K8s vulnerability or another Saturday evening (potential) gone wrong	In early 2022, nearly all vulnerability publications related to Kubernetes happened around Thursday-Friday, which means another lost weekend…but things can be done differently. In this session, Ben will reveal how ARMO's Kubescape team deploys controls that check whether a cluster is vulnerable within 2-3 hours since it's published with open source tools like Open Policy Agent and "rego" and still enjoy Saturday night! Speaker: Ben Hirschberg, VP R&D at ARMO
4:00 PM	Beer, Pizza and knafeh

Organizers

Ben Hirschberg

ARMO

Organizer

See bio

Sharone Revah Zitzman

RTFM Please

Chief Manual Reader

See bio

Scott Rosenberg

TeraSky

Lead Architect, CTO Office

See bio

CONTACT US