Skip to navigation Skip to main content Skip to footer

Resource Center

Filter content

Reset filters

Dangers of Kubernetes IAM Integrations

On a recent Kubernetes security assessment, Josh Makinen and I were provided restricted access to a GKE cluster and we noticed some disparity between our accounts’ access even though we were given the same permissions. This lead us into diving a bit deeper into how Kubernetes handles permission controls when integrating with a cloud provider. […]


Deep Dive into Real-World Kubernetes Threats

On Saturday, February 1st, I gave my talk titled “Command and KubeCTL: Real-World Kubernetes Security for Pentesters” at Shmoocon 2020. I’m following up with this post that goes into more details than I could cover in 50 minutes. This will re-iterate the points I attempted to make, walk through the demo, and provide resources for […]