Name: Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms
Start: 2020-04-14T17:00:00Z
End: 2020-04-14T17:33:43.000Z
Location: BrightTALK
Rating: 0

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to secure containers and applications with a least privileges model and defense in depth. Tigera’s technology is recognized and trusted as the de facto standard for Kubernetes network security.

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls. 

Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiGate Next-Gen firewalls and Calico Enterprise, you gain full visibility into the container environment and can define fine-grained policies to determine which Kubernetes workloads are allowed to talk to the enterprise’s crown jewels running outside the Kubernetes cluster.

In this webinar, you will learn how Calico Enterprise and FortiGate enables you to:
Implement network security control requirements in Kubernetes
Dynamically populate Kubernetes objects in FortiGate to enforce security policies
Gain deep visibility into network traffic within your Kubernetes clusters.

Extending Your FortiGate Next-Gen Firewall to Kubernetes

As Kubernetes matures, gone are the days when we can fully compromise a cluster by just taking over a pod and sending commands to the Kubernetes API service. RBAC and other Kubernetes security features force attackers to pivot at least once to find the right vulnerable pod/service account with the right privileges to take over a cluster. The attack surface grows as the cluster gets bigger and more third-party applications are deployed. By understanding the attacker’s workflow and gaining visibility into the relevant connections, we are able to identify our cluster’s weak points and limit the attacker’s reach.

In this webinar, we will: 
* Examine some common techniques that an attacker can use to gain intel about your cluster’s setup once they are inside
* Show a demo of an attacker gaining root access by impersonating a sample third-party application after exploiting a vulnerable API call
* Visualize the attack using Calico Enterprise and review mitigation strategies

Kubernetes Security: Detecting Lateral Movement and Defending Against Attackers

Learn from an expert. At Tigera, we work with hundreds of Calico and Calico Enterprise customers every year and have learned a very important lesson in the process: Designing networks and troubleshooting a broken network are difficult problems. 

As a Kubernetes architect, what you get from the network team is real estate (racks/compute infrastructure) and an underlay network (nodes that can talk to each other). You have to plan, architect, get the buy-in and implement the network for the actual applications (pods) running in the cluster. You can’t design something completely new if you are constrained by ToRs (top of rack switches), core network fabric, or compliance/security requirements.

This session will begin with a high-level overview of pod networking scenarios and packet path. Then we will do a deep-dive into IP address management and BGP routing design, with an example of each. As part of BGP routing, we’ll walk through various network design options. Finally we conclude with a recommended template for on-prem network design

Advanced Kubernetes Network Design

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls. 

Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiGate firewalls and Calico Enterprise, you gain full visibility into the container environment and can define fine-grained policies to determine which Kubernetes workloads are allowed to talk to the enterprise’s crown jewels running outside the Kubernetes cluster.

In this webinar, you will learn how Calico Enterprise and FortiGate enable you to:
+ Implement network security control requirements in Kubernetes
+ Dynamically populate Kubernetes objects in FortiGate firewalls to enforce security policies
+ Gain deep visibility into network traffic within your Kubernetes clusters.
 
After this webinar, you’ll also understand why Calico has been chosen as the preferred network security solution by the leading managed Kubernetes services – Amazon EKS, Azure AKS, Google GKE, IBM IKS, and more – as well as powering several of the world’s largest Kubernetes clusters.

Extending Your Fortinet Next-Generation Firewall to Kubernetes

No matter where you are in your Kubernetes journey, eventually you’ll have to connect your k8s cluster to external resources like databases, cloud services, and third-party APIs.  A majority of existing workloads are non-Kubernetes, and at some point, your Kubernetes applications will need to communicate with them.  

Before you can do that, Security teams, as well as database and application owners, will require you to limit access to specific individuals or groups — and nearly every application has dependencies external to Kubernetes that require some level of access control. However, Kubernetes does not natively enable fine-grained egress access controls..

In this webinar, you will learn how to:

+ Securely migrate k8s workloads/applications into production and control access to external resources
+ Limit k8s egress to external end-points on a granular, per-pod basis
+ Simplify this process using Calico Enterprise

The webinar is ideal for Platform Engineers, Cloud Engineers, and anyone else that is responsible for deploying and maintaining a Kubernetes Platform.

Kubernetes - Automating Access Controls When Connecting to External Resources

As the founders of Project Calico, we work with hundreds of teams every year to help them avoid obstacles and gain the most value from Calico.
 
We observe a common "Kubernetes Journey" that most infrastructure and platform teams progress through as they deploy Kubernetes to their organizations, and will share that journey in this webinar.
 
Sometimes we are pulled into projects on fire. Without guidance, many projects run into problems of scale, enterprise integration, and cross-functional alignment that can slow everything to a grinding halt. We've seen all these problems and can help.
 
That is why we created Calico Essentials - our solution to have you aligned with industry experts throughout your Kubernetes journey.
 
In this webinar, you'll learn the four ways Calico Essentials can help accelerate your Kubernetes project.

- Training and education for new team members and other stakeholders
- Best practices workshops on network and network security design
- Help you operationalize Calico to work with the rest of your tools, infrastructure, and processes
- Troubleshooting strategies, tips, and tricks

Four Ways to Accelerate Your Kubernetes Project

Organizations are rapidly moving more and more mission-critical applications to Kubernetes and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies. But security teams are struggling to achieve a strong security posture with Kubernetes and cloud-based resources because of the inability to apply conventional security practices in the cloud environment. 

Join Threat Intelligence Research Engineer, Manoj Ahuje, for this webinar where he will cover five different attack scenarios on cloud-based Kubernetes infrastructure, and how to catch these malicious activities at each stage with Calico Enterprise and Global Alerts, a new feature just released.

Don’t miss this technical webinar, register to attend now.

5 Ways to Detect Malicious Activity & Protect Your Kubernetes Workloads

The potential attack on Shopify’s Kubernetes-based infrastructure grabbed headlines last year. This highlights the fact that Kubernetes managed applications require a different approach to network security. The differences between the major cloud providers and the complexity of mixed/hybrid-cloud networks only further complicate the issue and make attack surfaces larger and open to a wider range of attack vectors.

It’s no wonder engineers across various disciplines are hungry to understand how attacks can happen and what they can do to implement security measures to stop them. 

Join Garwood Pang, Vulnerability Researcher at Tigera, for this webinar where you will:

- Follow step-by-step as he launches an attack similar to the Shopify vulnerability but adding to it with previously known breaches, bug reports, and blog posts

- See how the same attack can be detected and stopped before the network is compromised

- Learn how a zero-trust security model and a network security solution explicitly made for Kubernetes Infrastructure can limit virtually all attacks, regardless of vector
 
This webinar is ideal for security engineers, platform engineers, DevOps engineers, network engineers, and any other technical role involved in ensuring the security of a Kubernetes orchestrated infrastructure.

Kubernetes: Anatomy of the Shopify Attack & How to Defend Your Infrastructure

Containers and Kubernetes adoption are gaining incredible momentum in enterprise organizations. Gartner estimates that 75% of organizations will be running containerized applications by 2022. 

However, there are many challenges to moving containerized applications to internet-facing environments while maintaining security:

- Firewalls are necessary but cannot protect Kubernetes pods that keep changing IP addresses
- Security processes are designed for and rely on a zone-based architecture, but Kubernetes doesn’t fit in that architecture
- Kubernetes Network Policies are a new concept for network and security teams to learn, but they are stretched too thin and have no time to invest in learning them

These problems would go away if the security team’s existing tools and processes worked for Kubernetes.

Attend this webinar and learn how Tigera is the first and only Kubernetes security solution to integrate with the security team’s firewall manager to implement their security controls in Kubernetes. The presentation will include a live demo using Tigera Secure and the Palo Alto Networks Panorama firewall manager.

The Problem With Kubernetes And Firewalls, And How To Solve It

Kubernetes is a robust, stable, and reliable environment to run modern applications. But, like all software, issues can arise that require troubleshooting. When problems occur with the containerized microservices, Kubernetes can reschedule workloads or replace entire nodes with ease, but when connectivity issues arise, you need an understanding of how Kubernetes networking works and the right tools to help identify and solve the issue.

Join Karthik Prabhakar, Sr. Director, Solutions Engineering with Tigera, for a live webinar on Thursday, September 12 at 10AM PT, 1PM ET where you will learn how to identify, understand, and solve the most common Kubernetes connectivity issues.

Understanding & Troubleshooting Kubernetes Connectivity Issues

Free and Open Source, Tigera Calico delivers secure networking for the cloud-native era, and 2019 has seen many major enhancements to the most deployed networking and network security solution for Kubernetes.

From version 3.3 released in November of 2018 all the way through to 3.8 released earlier this July, Calico has advanced significantly with features that our community has requested and needed, such as:

+ IP address management (IPAM) features that make it more configurable and with support to assign a given IP pool to one or more Kubernetes namespaces
+ Features that give more control and allow much finer-grained dynamic IP management vs the static allocation of a fixed set of addresses to each node in native Kubernetes
+ Native support for VXLAN encapsulation
+ Optimized denial-of-service protection for host endpoints using XDP
+ Namespaced NetworkSets
+ And more...

Join us for a technical webinar to learn more about these new features, with real-world examples of how, and why, you’d want to use them to improve the network security of your Kubernetes environment.

What’s New in Tigera Calico: An Update on Recent Features & Enhancements

Since practically the beginning of data networks, Network and Security professionals have gravitated towards, and grown to love, Zone-Based network architectures.

However, with the evolving landscape driven by microservices, containers, and Kubernetes, Zone-Based designs are being challenged to keep networks secure without creating an unreasonable amount of continuous configuration changes to firewalls.

With this challenge, comes the opportunity to rethink how network security can be delivered more effectively and efficiently. The Cloud and Kubernetes offer a ton of flexibility but how do we achieve security, visibility, and compliance in these new areas.

This technical webinar will dive into how Tigera can help us answer these challenges and more in the cloud landscape.

Why Can’t We Be Friends? – Kubernetes in a Zone-Based Architecture World

Of course, Tigera's ability to provide Kubernetes pod networking and facilitate service discovery is extremely valuable, but its real superpower is that both Tigera's commercial offerings and open-source Tigera Calico can implement network security policies inside a Kubernetes cluster.

Most external network security operates at the perimeter or at the physical network layer of Kubernetes. Because Tigera runs inside Kubernetes, it can provide policy and security based on Kubernetes structures like namespaces and deployments.

In this webinar, Senior Technical Solutions Engineer with Tigera, Drew Oetzel, will show you examples of implementing these types of policies for several common security and compliance use cases.

He'll also show you why implementing these types of security policies is so important to keeping your ever-expanding Kubernetes workloads secure.

Kubernetes & Tigera: Network Policies, Security, and Auditing

Compliance standards such as PCI DSS have assumed that traditional characteristics and behaviors of the development and delivery model would continue to be constant going forward. With the Container/Kubernetes revolution, that set of assumptions is no longer entirely correct. Attend this webinar and learn about what's changed, how those changes weaken your compliance and control environment, and what you can do to adjust to the new reality.

Meeting PCI DSS Network Security Requirements in Kubernetes Environments

Security teams use firewalls to secure their production environments, often using a zone-based architecture, and Kubernetes does not deploy well to that architecture. Application teams are launching new business-critical applications on Kubernetes and are aggressively moving to production. A clash is bound to happen.

In this webinar, we will describe an approach to extend firewalls to Kubernetes that will accelerate deployment to production, save time & money, and preserve existing security processes and investments.

Extending Firewalls to Kubernetes to Not Break Existing Security Architectures

Calico was just recently embedded into Google GKE-On prem and we will demonstrate how to implement security controls on GKE. Don’t miss this webinar as we will be sharing some common network security challenges in the Kubrnetes environment. In addition, we will explore enterprise-grade Calico features provided in Tigera Secure which enables enterprises to add network security support in hybrid cloud environments with:

+ Network Flow Logs that record accepted and denied traffic, which policies denied the traffic, and workload context such as Kubernetes namespaces, labels, and metadata. Tigera Secure also provides dynamic graphical visualization of network flows.

+ Tiered policy controls with role-based access controls, to enable multiple teams to independently manage their respective security policies within the governance of the security team.

+ Anomaly Detection capabilities that provide insight into unusual behaviors and sophisticated attacks that compromise the security and performance of Kubernetes environments.

Securing Kubernetes Applications in Google Cloud with Tigera

Istio’s traffic management decouples traffic flow and infrastructure scaling allowing you to specify what rules to govern traffic rather than which specific pods should receive traffic.

In this webinar we'll discuss the following traffic management topics:  
· Discovery Load Balancing
· Failure Handling
· Fault Injection

Istio Traffic Management - Best Practices in Secure Kubernetes Environments

Malicious actors often use Domain Generation Algorithms (DGA) to exploit the DNS protocol and execute command-and-control (C & C) malware attacks. DGAs are very difficult to detect due to their dynamic and unpredictable nature. Traditional approaches to data security cannot contain DGA threats, with the problem exacerbated by the migration to Kubernetes and the cloud.

Join us for this webinar where we share the latest insights into DGAs, the risks they present, along with best practices to speed detection and reduce risk. 
In this session, you will learn:

- How the DNS / DGA / APT kill chain makes DGAs so hard to detect
Why effective monitoring and visibility into Kubernetes and the cloud is essential
-  How you can detect a compromised workload with Calico Enterprise’s DGA machine learning capability

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms

Kubernetes

Cyber Defence

Cyber Attacks

Network Security

Threat Analysis

Threat Detection

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms

Presented by

About this talk

More from this channel