BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.pass-the-salt.org//pts2024//speaker//URDZGV
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-pts2024-WA99YZ@cfp.pass-the-salt.org
DTSTART;TZID=CET:20240704T090000
DTEND;TZID=CET:20240704T120000
DESCRIPTION:There’s no two ways about it: Kubernetes is a confusing and c
 omplex collection of intertwined systems. Finding attack paths in Kubernet
 es by hand is a frustrating\, slow\, and tedious process. Defending Kubern
 etes against those same attack paths is almost impossible without any thir
 d party tooling.\n\nIn this workshop we will present KubeHound - an opinio
 nated\, scalable\, offensive-minded Kubernetes attack graph tool used by s
 ecurity teams across Datadog. We will cover the custom KubeHound DSL to de
 monstrate its power to identify some of the most interesting and common at
 tack primitives living in your Kubernetes cluster. If the DSL is not enoug
 h\, we will cover the basics of Gremlin\, the language used by our graph t
 echnology so you can find relevant attack paths that matter to you.\n\nAs 
 attackers (or defenders)\, there's nothing better to understand an attack 
 than to exploit it oneself. So in this workshop we will cover some of the 
 usual attack paths and exploit them. This way you will see by yourself\, t
 he difficulty (or not) to fully compromise a Kubernetes cluster (#DontDoTh
 isAtHome).\n\nAt last\, is this workshop we will also demonstrate two ways
  of using KubeHound:\n* As a standalone tool that can be run from a laptop
 \n* Or deployed  as a service in your own Kubernetes clusters (KubeHound a
 s a Service)\n\nThe main goal of this workshop is to show how defenders ca
 n find and eliminate the most dangerous attack paths and how attackers can
  have a treasure map to fully compromise a Kubernetes cluster by using the
  free and open source version of KubeHound.
DTSTAMP:20260515T173152Z
LOCATION:Workshop room 1
SUMMARY:KubeHound: Identifying attack paths in Kubernetes clusters at scale
  with no hustle - julien\, Edouard Schweisguth
URL:https://cfp.pass-the-salt.org/pts2024/talk/WA99YZ/
END:VEVENT
END:VCALENDAR