Dino Dai Zovi at Black Hat 2017

Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale

Your datacenter isn’t a bunch of computers, it is *a* computer. While some large organizations have over a decade of experience running software-defined datacenters at massive scale, many more large organizations are just now laying the foundations for their own cloud-scale platforms based on similar ideas. Datacenter-level operating systems such as Kubernetes, Mesos, and Docker Enterprise significantly change both the computing and security paradigms of modern production environments, whether they are in the cloud, on-premises, or a hybrid of the two. The focus of a lot of security attention related to containers and DevOps has been on the kernel-level isolation mechanisms, but these modern datacenter orchestration systems make single-node privilege escalation and persistence significantly less useful. We’ll go over the background of what security benefits modern datacenter-level orchestration systems provide and what challenges they also bring along with them. We’ll also discuss how to think about attacking and defending entire clusters vs. single machines and what common attack patterns (privilege escalation, lateral movement, persistence) look like specific to the orchestration layers instead of through the traditional native operating systems.