Loading…
Wednesday, May 22 • 11:05 - 11:40
How We Used Kubernetes to Host a Capture the Flag (CTF) - Ariel Zelivansky & Liron Levin, Twistlock

Sign up or log in to save this to your schedule and see who's attending!

Tweet Share
Feedback form is now closed.
CTF competitions are now commonly used for cybersecurity education purposes, and are solved by many enthusiast researchers looking for a challenge. In Twistlock, we decided to host an online CTF competition with unique challenges that required a live, dedicated persistent machine, for each participant. Using Kubernetes, we managed to successfully host the challenge, publicly open, without sacrificing the security of our infrastructure.

We will discuss:
Introduction to the CTF and why we choose to run it on Kubernetes
Attack vectors for giving users untrusted shells to pods
Container isolation technologies such as gvisor and network policies.
Patterns for dynamically scaling pods and routes for new CTF participates

In the end, attendees will learn the security building blocks of Kubernetes, and how it can be used for non conventional purposes such as hosting a one time live challenge.
Speakers
avatar for Liron Levin

Liron Levin

Chief software architect, Palo alto networks
Liron is the Chief Software Architect at Twistlock, where he focus on scaling, engineering methodologies and security . Before that, he worked as a tech lead at Microsoft on cloud computing and machine learning projects. He is an active contributor to popular open source go projects... Read More →
avatar for Ariel Zelivansky

Ariel Zelivansky

Security Research Team Lead, Palo Alto Networks
Ariel Zelivansky is a security researcher and the head of Twistlock's research team, dealing with hacking and securing anything related to containers.

kubecon talk pdf
Wednesday May 22, 2019 11:05 - 11:40
Hall 8.0 F1
  Case Studies