Name: Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms
Start: 2020-04-14T17:00:00Z
End: 2020-04-14T17:00:33.000Z
Location: BrightTALK
Rating: 0

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to secure containers and applications with a least privileges model and defense in depth. Tigera’s technology is recognized and trusted as the de facto standard for Kubernetes network security.

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls. 

Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiGate Next-Gen firewalls and Calico Enterprise, you gain full visibility into the container environment and can define fine-grained policies to determine which Kubernetes workloads are allowed to talk to the enterprise’s crown jewels running outside the Kubernetes cluster.

In this webinar, you will learn how Calico Enterprise and FortiGate enables you to:
Implement network security control requirements in Kubernetes
Dynamically populate Kubernetes objects in FortiGate to enforce security policies
Gain deep visibility into network traffic within your Kubernetes clusters.

Extending Your FortiGate Next-Gen Firewall to Kubernetes

As Kubernetes matures, gone are the days when we can fully compromise a cluster by just taking over a pod and sending commands to the Kubernetes API service. RBAC and other Kubernetes security features force attackers to pivot at least once to find the right vulnerable pod/service account with the right privileges to take over a cluster. The attack surface grows as the cluster gets bigger and more third-party applications are deployed. By understanding the attacker’s workflow and gaining visibility into the relevant connections, we are able to identify our cluster’s weak points and limit the attacker’s reach.

In this webinar, we will: 
* Examine some common techniques that an attacker can use to gain intel about your cluster’s setup once they are inside
* Show a demo of an attacker gaining root access by impersonating a sample third-party application after exploiting a vulnerable API call
* Visualize the attack using Calico Enterprise and review mitigation strategies

Kubernetes Security: Detecting Lateral Movement and Defending Against Attackers

Learn from an expert. At Tigera, we work with hundreds of Calico and Calico Enterprise customers every year and have learned a very important lesson in the process: Designing networks and troubleshooting a broken network are difficult problems. 

As a Kubernetes architect, what you get from the network team is real estate (racks/compute infrastructure) and an underlay network (nodes that can talk to each other). You have to plan, architect, get the buy-in and implement the network for the actual applications (pods) running in the cluster. You can’t design something completely new if you are constrained by ToRs (top of rack switches), core network fabric, or compliance/security requirements.

This session will begin with a high-level overview of pod networking scenarios and packet path. Then we will do a deep-dive into IP address management and BGP routing design, with an example of each. As part of BGP routing, we’ll walk through various network design options. Finally we conclude with a recommended template for on-prem network design

Advanced Kubernetes Network Design

Malicious actors often use Domain Generation Algorithms (DGA) to exploit the DNS protocol and execute command-and-control (C & C) malware attacks. DGAs are very difficult to detect due to their dynamic and unpredictable nature. Traditional approaches to data security cannot contain DGA threats, with the problem exacerbated by the migration to Kubernetes and the cloud.

Join us for this webinar where we share the latest insights into DGAs, the risks they present, along with best practices to speed detection and reduce risk. 
In this session, you will learn:

- How the DNS / DGA / APT kill chain makes DGAs so hard to detect
Why effective monitoring and visibility into Kubernetes and the cloud is essential
-  How you can detect a compromised workload with Calico Enterprise’s DGA machine learning capability

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms

Kubernetes

Cyber Defence

Cyber Attacks

Network Security

Threat Analysis

Threat Detection

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms

Presented by

About this talk

More from this channel