Путь атакующего Kubernetes | Анастасия Березовская
How does an attacker progress from an application vulnerability to taking over a Kubernetes cluster? Using practical demos, we'll explore RCE, SSRF, container escape, dangerous Security Context and Linux Capabilities, as well as defenses such as Network Policies, Seccomp, Falco, and the principle of least privilege. 00:00 — Introduction and the Swiss Cheese Model 01:50 — Kubernetes Testing Infrastructure 04:02 — Remote Code Execution Vulnerabilities 05:50 — React to Shell Analysis 11:41 — React to Shell Exploitation Demo 13:45 — RCE Defenses 15:43 — SSRF Exploitation via Redis 22:07 — SSRF Defenses 24:05 — Code Execution via Langflow 28:31 — Open Source Security 29:18 — Containerization Basics 32:34 — How Namespaces Work 34:44 — Linux Capabilities 37:29 — Security Context in Kubernetes 38:54 — Privileged Container Escape 40:35 — Escape via CAP_SYS_PTRACE 43:14 — Node Access via Capabilities 45:33 — Obtaining Root Access and Security Measures 47:38 — Taking Over a Kubernetes Cluster

C++ vs. Rust: Yandex Userver vs. Axum. Who's the Blazing Winner?

Everything You Need to Know About Monitoring

CI/CD — In Plain English with a Clear Example

If Not Mobilization, Then What?

C++ 2026: безопасность, рефлексия, C++ vs Rust, будущее языка – Антон Полухин в Подлодке

CISO Avito: к чему инженеры ИБ должны готовиться уже СЕЙЧАС

AI won't kill the profession, it'll just add more work (and it's always glitching) – Phil Ranzhin

Мобилизация в октябре: будет или нет?

CISO Reveals the Whole Truth About a Career in Cybersecurity

The Java Story | The Official Documentary

NETWORKING IN KUBERNETES

Reticulum: How to Build a Network Without the Internet | A Deep Dive into Mesh Networks

Нейросети Никогда не заменят программистов. И вот почему

Local AI Agents - EVERYTHING You Need to Know: Parameters, Hardware, Speed, Privacy

THE ENTIRE WORLD IS ALREADY HACKED: The Internet’s Scariest Investigation

🔞 Поперечный: Критика после ВПИСКИ | Может ли другая страна стать домом | "Оставшиеся" и "Уехавшие".

Google vs. the Kremlin: An Unexpected Turn in the Battle for the RuNet. It’s More Complicated Tha...

How Do Hackers Work for the State? A Deep Dive Into Cybersecurity

No Boss, No Money: The Raw Reality of China’s Gen-Z Freelancers

