In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Wednesday, October 13 • 3:25pm - 4:00pm
Exploiting a Slightly Peculiar Volume Configuration with SIG-Honk - Ian Coldwater, Twilio; Brad Geesaman & Rory McCune, Aqua Security; Duffie Cooley, Isovalent

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
When the hacker crew of geese collectively known as “SIG-Honk” read about a new CVE in the Kubernetes ecosystem affecting the runc project (CVE-2021-30465), they flew into action. With just a few details in the initial advisory notes as guidance, they were able to collaborate and generate a proof-of-concept exploit for Kubernetes, iterate and validate it against multiple types of clusters, and kick off a renewed coordinated disclosure process to help keep users safer. Join Ian Coldwater, Brad Geesaman, Rory McCune, and Duffie Cooley as we bring our expertise and experiences to share the details of our methodology, walk through our approach, and demonstrate the exploit and its effectiveness live on stage. Attendees will learn about the process of exploit development and disclosure, find out how to stay informed about vulnerabilities in open source dependencies that may affect the security of their clusters, and walk away with a new perspective on how to honk.

avatar for Brad Geesaman

Brad Geesaman

Staff Security Engineer, Ghost Security
Brad Geesaman is a Staff Security Engineer at Ghost Security and focuses on researching and building cloud-native systems with a security practitioner's mindset. When he’s not hacking on containerized environments, he enjoys spending time with his family in Virginia, eating Mexican... Read More →
avatar for Ian Coldwater

Ian Coldwater

Security Researcher, Independent
Ian Coldwater is a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud native infrastructure. When they're not busy being co-chair of Kubernetes SIG Security, they like to read all the docs, participate in Capture the Flag competitions, and... Read More →
avatar for Duffie Cooley

Duffie Cooley

Field CTO, Isovalent
Duffie is Field CTO at Isovalent focused on helping enterprises find success with Cilium and modern security tooling. Duffie has been working with all things systems and networking for 20 years and remembers most of it. A student of perspective, Duffie is always interested in working... Read More →
avatar for Rory McCune

Rory McCune

Cloud Native Security Advocate, Aqua Security
Rory has worked in the Information and IT Security arena for the last 20 years in a variety of roles. These days he spends most of his work time on container, cloud and application security as a principal consultant with NCC Group. He's an active member of the container security community... Read More →

Wednesday October 13, 2021 3:25pm - 4:00pm PDT
Concourse Hall 151 + Online