February 1-2, 2023 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2023 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -8. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Wednesday, February 1 • 3:50pm - 4:25pm
Get Your Security Priorities Straight! How to Identify Workloads Under Real Threat with Context - Ben Hirschberg, ARMO & Arie Haenel, Intel

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Is a privileged container a security threat? Should you spend time defining a pod so it can run with a read-only filesystem? These and similar questions are raised constantly by multiple authors and projects. In most cases, there is a good reason behind these questions. However, the difference between a potential threat and a real one is far from self-explanatory and highly depends on the circumstances to differentiate between real threats. This is where the answer lies and we are presenting a security prioritization system for Kubernetes workloads that is based on the MITRE framework and its categorization. This system is built upon data aggregated from a high volume of security controls, that cover multiple projects, structured in a way that makes it easy to find contextual information about different problems. We are going to present the algorithm behind the prioritization engine which is able to calculate the security exposures score for a diversity of Kubernetes workloads. We will then review the results based on real production clusters, and how they fair against real security analysis, enabling anyone to differentiate between actual threats that should be mitigated quickly and those we can be less concerned about.

avatar for Ben Hirschberg

Ben Hirschberg

Co-Founder, ARMO
Ben is a veteran cybersecurity and DevOps professional, as well as computer science lecturer. Today, he is the co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches advanced... Read More →

Arie Haenel

Principal Engineer, Intel
Arie Haenel is a Principal Engineer at Intel, where he leads ASSERT, an Offensive Security Research team. He has over 20 years of professional experience, in security research and security product development on a vast number of platforms, at Intel, Cisco and NDS. In his spare time... Read More →

Wednesday February 1, 2023 3:50pm - 4:25pm PST
Room 612