(Workshop) Keeping your Kubernetes secured using kube-hunter, kube-bench and microscanner

Speaker: Amir Jerbi (Israel)

Abstract

This is a hands-on workshop session that will show you how to apply opensource and free tools to apply good security hygiene with your Kubernetes cluster. During the workshop we will show some real attacks that can happen due to a miss-configured cluster and how the opensource tools can help us identify these issues and remediate them.

The following tools will be used during the session:

• kube-hunter: A pen-testing tool for Kubernetes that simulates attacks on your cluster. It shows you what is the attack surface for your existing Kubernetes cluster.
• kube-bench: A configuration assessment tool that shows you how to tweak your cluster settings based on the CIS best practices.
• microscanner: A free image scanning utility that scans your Docker images for known security vulnerabilities.

Other Info:

Attendees should have access to a Kubernetes cluster (can be a mini-kube installed on their laptop). Network access to download opensource tools is also needed.

Biography

Amir Jerbi brings to Aqua 17 years of security software experience in technical leadership positions. Amir co-founded Aqua with the vision of creating a security solution that will be simpler and lighter than traditional security products.

Prior to Aqua, he was a Chief Architect at CA Technologies, in charge of the host based security product line, building enterprise grade security products for Global 1000 companies. Amir has 14 cloud and virtual security patents under his belt. In his free time, Amir enjoys backpacking in exotic places.

Twitter: @jerbia