Kraken Hunter

General Details

In this workshop we:

• Start by showing you how Sysdig can detect an attack/exploit of a running Kubernetes workload in real-time
• We then get into the details of why that attack was successful (including various misconfigurations of its posture coupled with a remote code execution (RCE) vulnerability in its code) - and how we can help you fix it.
• These fixes include unique features of Sysdig to prevent things that were not in the image (Container Drift) as well as known malware from running - while still leaving your application up and serving your customers.
• We then show you how we can detect lateral movement from an exploited container through to nefarious activity against AWS services/APIs through our Cloud Detection and Response (CDR) capabilities
• Then we show you how we can help you to understand and prioritise what vulnerabilities you have in your running workloads - including our unique capabilities to understand whether a vulnerable package is actually running or just in the image (InUse)
• Finally we show you how Sysdig can help you to create least-privilege NetworkPolicies to ensure that network traffic that is not required for the app(s) to function is not possible - both between services on the cluster as well as between those services and the Internet

Class Details

Held in Dallas, this is a half-day course focused on the challenges security professionals face in cloud native applications.

In this hands-on class, you will go through various modules covering critical steps within the deployment lifecycle. An environment will be provided for you, all you need to do is bring a laptop capable of an internet connection. From there you’ll work through instructor-led modules on Threat Detection, Vulnerability Management, Cloud and Kubernetes Security Posture Management, Network Isolation, and even execute a few exploits against vulnerable containers.

Upon completion of the class you will have a better understanding of the eccentricities facing security professionals when dealing with cloud native applications as well as Sysdig and the OSS security tools leveraged in the greater ecosystem.