I am thrilled to share that I had the opportunity to speak at the CNCF Québec meetup this week. My presentation focused on the various security vectors that a malicious actor may exploit to target an Azure Kubernetes Cluster deployment.
Throughout my talk, I highlighted several critical topics that I believe are crucial for understanding and preventing security breaches, including:
- The exploitation of Azure Resource Graph for discovery purposes
- The risks associated with malicious admission controllers
- Network attacks and their implications
- The importance of understanding the differences between AKS Service Principal and MSI
- Insider attacks and their impact on security.