Cracking the kernel - adventures with kernel exploits in Kubernetes

Cracking the kernel - adventures with kernel exploits in Kubernetes

Description:

We interact with the operating system kernel in many different ways, by reading from the file system, opening a device file, issuing system calls, or sending a packet over the network interface. Each time the kernel does this on behalf of user space, it checks if the user has permission to call that action by checking privileges. Kernel privilege escalation is a process of obtaining additional permissions by exploiting a weakness in kernel code. In this talk we'll explore what kernel privilege exploits are, look at an example in practice, and then show the different ways in which containers and Kubernetes can help to reduce the impact of these kinds of exploits.

Speakers:

Matt Jarvis

Director of Developer Relations, Snyk

Kamil Potrec

Senior Security Engineer, Snyk

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo