Summary

Total Articles Found: 4

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Tool Release – Enumerating Docker Registries with go-pillage-registries
  • A Survey of Istio's Network Security Features
  • Deep Dive into Real-World Kubernetes Threats
  • ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again

ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again

This post is a technical discussion of the underlying vulnerability of CVE-2020-15257, and how it can be exploited. Our technical advisory on this issue is available here, but this post goes much further into the process that led to finding the issue, the practicalities of exploiting the vulnerability itself, various complications around fixing the issue, … Continue reading ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again →

...more

A Survey of Istio's Network Security Features

Published: 2020-03-04 12:00:00

Popularity: 12

Author: jleadfordncc

Keywords:

  • Cloud & Containerization
  • North American Research
  • Research
  • Istio
  • Kubernetes
  • security analysis
  • service mesh
  • 🤖: "Secure network gates"

    Istio is a service mesh, which, in general, exist as a compliment to container orchestrators (e.g. Kubernetes) in order to provide additional, service-centric features surrounding traffic management, security, and observability. Istio is arguably the most popular service mesh (using GitHub stars as a metric). This blog post assumes working familiarity with Kubernetes and microservices, but … Continue reading A Survey of Istio's Network Security Features →

    ...more

    Deep Dive into Real-World Kubernetes Threats

    Published: 2020-02-12 12:00:00

    Popularity: 8

    Author: nccmanning

    Keywords:

  • Cloud & Containerization
  • Conferences
  • North American Research
  • Research
  • Kubernetes
  • Pentesting
  • Shmoocon
  • On Saturday, February 1st, I gave my talk titled “Command and KubeCTL: Real-World Kubernetes Security for Pentesters” at Shmoocon 2020. I’m following up with this post that goes into more details than I could cover in 50 minutes. This will re-iterate the points I attempted to make, walk through the demo, and provide resources for … Continue reading Deep Dive into Real-World Kubernetes Threats →

    ...more

    Tool Release – Enumerating Docker Registries with go-pillage-registries

    Published: 2020-01-24 13:15:00

    Popularity: 42

    Author: jmakinenncc

    Keywords:

  • Cloud & Containerization
  • North American Research
  • Research
  • Tool Release
  • Container registry
  • Containers
  • Docker
  • Shmoocon
  • 🤖: "docker hack!"

    Introduction Containerization solutions are becoming increasingly common throughout the industry due to their vast applications in logically separating and packaging processes to run consistently across environments. Docker represents these processes as images by packaging a base filesystem and initialization instructions for the runtime environment. Developers can use common base images and instruct Docker to execute … Continue reading Tool Release – Enumerating Docker Registries with go-pillage-registries →

    ...more

    end