Doing a cloud native security workshop on running Docker and Harbor

It's very nice.

Is a way to ensure that non vulnerable VMs are not added to a repository (amongst others)

In just 10 minutes I did some reconnaissance on a Kubernetes cluster to find vulnerabilities use kube-hunter as well as nmap to find what the open default ports are for Kubernetes.

Will do a more indepth writeup pentesting Kubernetes.

Show thread

@superruserr That's a very cool. I just ran it against my home K8S cluster. It flagged 4 vulnerabilities. I know what I'll be doing this weekend. :)

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.