In-person + Virtual
October 11-15

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Wednesday, October 13 • 3:25pm - 4:00pm
Exploiting a Slightly Peculiar Volume Configuration with SIG-Honk - Ian Coldwater, Twilio; Brad Geesaman & Rory McCune, Aqua Security; Duffie Cooley, Isovalent

When the hacker crew of geese collectively known as “SIG-Honk” read about a new CVE in the Kubernetes ecosystem affecting the runc project (CVE-2021-30465), they flew into action. With just a few details in the initial advisory notes as guidance, they were able to collaborate and generate a proof-of-concept exploit for Kubernetes, iterate and validate it against multiple types of clusters, and kick off a renewed coordinated disclosure process to help keep users safer. Join Ian Coldwater, Brad Geesaman, Rory McCune, and Duffie Cooley as we bring our expertise and experiences to share the details of our methodology, walk through our approach, and demonstrate the exploit and its effectiveness live on stage. Attendees will learn about the process of exploit development and disclosure, find out how to stay informed about vulnerabilities in open source dependencies that may affect the security of their clusters, and walk away with a new perspective on how to honk.

Brad Geesaman

Director of Cloud Security, Aqua Security
Brad Geesaman is the Director of Cloud Security at Aqua Security and focuses on building solutions with a security practitioner's mindset. When he’s not hacking on cloud-native and containerized environments, he enjoys spending time with his family in Virginia, eating Mexican food...

Ian Coldwater

Director of Offensive Security, Twilio
Ian Coldwater is co-chair of Kubernetes SIG Security, a CNCF Ambassador, and a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud native infrastructure. In their spare time, they like to read all the docs, participate in Capture the Flag competitions...

Duffie Cooley

Field CTO, Isovalent
Duffie is Field CTO at Isovalent focused on helping enterprises find success with Cilium and modern security tooling. Duffie has been working with all things systems and networking for 20 years and remembers most of it. He likes to present on topics ranging from How do I solve this...

Rory McCune

Cloud Native Security Advocate, Aqua Security
Rory has worked in the Information and IT Security arena for the last 20 years in a variety of roles. These days he spends most of his work time on container, cloud and application security as a principal consultant with NCC Group. He's an active member of the container security community...

Wednesday October 13, 2021 3:25pm - 4:00pm PDT
Concourse Hall 151 + Online