Bypassing and Securing Kubernetes Ingress Network Policies

AuthorsKavyashree Ramesh, Tousif Khazi, Tejas Jaiswal About UsIBM PTC is a proficient internal Security Test Team responsible for vulnerability assessment & ethical hacking of web, mobile applications & infrastructure. Abstract Ingress network policies are an important tool for securing a Kubernetes cluster, but it is possible for an attacker to bypass a network ingress policy if they are able to find a weakness or vulnerability in the policy's implementation or if they are able to exploit a weakness in the network infrastructure itself. In order to prevent this type of bypass, it is important to regularly review and update the network ingress policy, as well as to keep the network infrastructure itself secure through the use of firewalls, intrusion detection and prevention systems, and other security measures. Here in this article, we will discuss a few scenarios on how to bypass Network Ingress Policies with privileged service accounts and its....

Read the rest of this story with a free account.

Already have an account? Sign in

April 28, 2023

Author

Kavyashree Ramesh, Tousif Khazi, Tejas Jaiswal

Latest Articles

New2023.05.11Exclusive Interview with Alexandre Teyar - the creator of BurpGPT

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments

Inline Feedbacks

View all comments

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Bypassing and Securing Kubernetes Ingress Network Policies

Author

Latest Articles

Popular Authors

Latest Courses

Hacking Blockchain based APIs (W69)

Penetration testing OWASP Top 10 Vulnerabilities (W68)

IoT Security - the DVID Challenge - NEW EDITION (W67)

https://hakin9.org/wp-content/uploads/2020/01/hakin91-copy-1-1.png