Loading…
In-person + Virtual
16 -20 May
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Wednesday, May 18 • 15:25 - 16:00
How Attackers Use Exposed Prometheus Server to Exploit Kubernetes Clusters - David de Torres Huerta & Miguel Hernández, Sysdig

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.


Prometheus has become the standard for monitoring Kubernetes services. It comes with a set of helpful exporters, and Kubernetes offers several metrics endpoints directly through the API. These features enable monitoring and troubleshooting of most situations that SREs face on a daily basis. But, what if an attacker accesses your Prometheus server? How much information can they get for fingerprinting the cluster? Kernel versions, IP addresses, instance types, library versions…the list goes on and on. In this session, you will learn how attackers use this information in the first part of reconnaissance, to see if you are vulnerable. The speakers will share - What secrets they collect to fingerprint your Kubernetes cluster (hint: they're not after your timeseries) - How to leverage this information internally to secure your cluster - How to prevent the exposition of sensitive information No matter how many safety best practices you apply, you must be aware of every link of the chain.

Click here to view captioning/translation in the MeetingPlay platform!

Speakers
avatar for David de Torres Huerta

David de Torres Huerta

Manager of Engineering, Sysdig
David is manager of engineering at Sysdig. Previously he worked as CTO in a company specialized in IoT for energy metering and Industry 4.0. He is a computer engineer and collaborates with open source projects, but also likes to study anthropology, play blues and make video games... Read More →
avatar for Miguel Hernández

Miguel Hernández

Security content engineer, Sysdig
Miguel is a student for life with a passion for innovation. He has spoken at several cyber-security conferences, including HITB, RootedCon, TheStandoff, and Codemotion. Miguel spent the last six years working in security research at big tech companies. In addition to contributing... Read More →



Wednesday May 18, 2022 15:25 - 16:00 CEST
Auditorium 1A | Event Center Feria Valencia