Cloud Security Podcast

Sidecar Container Vulnerability in Kubernetes explained

Feb 16, 2024

Magno Logan, an expert in Kubernetes security, talks about the silent but deadly vulnerabilities of sidecar containers in Kubernetes. He discusses common attack paths, entry points for attackers, container escape, and ways to secure sidecars, shedding light on the threats beyond crypto mining attacks.

15:32

Creator website

Episode guests

Magno Logan

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Attackers can exploit sidecar container vulnerabilities to stay hidden in Kubernetes clusters.

Maintaining persistence in Kubernetes clusters can involve deploying privileged pods or compromising containers with sidecar injection vulnerabilities.

Deep dives

Sidecar containers for monitoring Kubernetes environment

In this podcast episode, the concept and importance of using Sidecar containers to monitor Kubernetes environments are discussed. Sidecar containers are used to collect logs and send them to a centralized location, all while operating in the same pod as the main application containers. This approach allows for low-noise monitoring without disrupting the main operations of the Kubernetes cluster.

Introduction

2min

Exploring Kubernetes Cluster Exploitation

5min

Security Risks of Sidecar Containers in Kubernetes

4min

Discussion on Native Kubernetes Tools and CNCF Projects for Sidecar Container Security

2min

Exploring the Vulnerability of Sidecar Injection in Kubernetes Containers

3min

Are you familiar with Sidecars in Kubernetes? We spoke to Magno Logan about the complex world of Kubernetes security and the silent but deadly vulnerabilities associated with sidecar containers. Magno shares his extensive research and insights on how attackers can exploit these vulnerabilities to stay hidden within a Kubernetes environment, posing significant threats beyond the commonly discussed crypto mining attacks. Magno spoke about common attack paths targeting Kubernetes clusters, from exploiting application vulnerabilities to leveraging exposed Kubernetes services and compromised valid accounts.

Guest Socials: ⁠Magno Logan

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

Questions asked:

(00:00) Introduction

(01:26) A bit about Magno Logan

(01:49) Kubernetes Common Threats Explained

(02:23) Kubernetes Cluster Attack Entry Points

(04:28) How attackers maintain persistent access in Kubernetes?

(05:30) Container Escape Explained

(07:03) Maintaining Persistence in Kubernetes Clusters

(08:18) What are Sidecars?

(10:43) How to secure your sidecars?

(12:33) Where can people learn more about this

(13:57) The Fun Section

Resources spoken about on the podcast

Mitre Att&ck Containers Matrix

Microsoft Threat Matrix

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Cloud Security Podcast

Sidecar Container Vulnerability in Kubernetes explained

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Sidecar containers for monitoring Kubernetes environment

Common attack paths in Kubernetes clusters

Persistent access and container escape in Kubernetes

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Cloud Security Podcast

Sidecar Container Vulnerability in Kubernetes explained

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Sidecar containers for monitoring Kubernetes environment

Common attack paths in Kubernetes clusters

Persistent access and container escape in Kubernetes

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights