https://miscreants.github.io/blog.trailofbits.com/categories/kubernetes/Recent content in kubernetes on The Trail of Bits BlogHugoen-usTue, 09 Jan 2024 09:00:08 -0500https://miscreants.github.io/blog.trailofbits.com/2024/01/09/securing-open-source-infrastructure-with-ostif/Tue, 09 Jan 2024 09:00:08 -0500https://miscreants.github.io/blog.trailofbits.com/2024/01/09/securing-open-source-infrastructure-with-ostif/The Open Source Technology Improvement Fund (OSTIF) counters an often overlooked challenge in the open-source world: the same software projects that uphold today’s internet infrastructure are reliant on, in OSTIF’s words, a “surprisingly small group of people with a limited amount of time” for all development, testing, and maintenance. This scarcity of contributor time in […]https://miscreants.github.io/blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/Thu, 07 Nov 2019 07:00:06 -0500https://miscreants.github.io/blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/The Trail of Bits Assurance practice has received an influx of Go projects, following the success of our Kubernetes assessment this summer. As a result, we’ve been adapting for Go projects some of the security assessment techniques and tactics we’ve used with other compiled languages. We started by understanding the design of the language, identifying […]https://miscreants.github.io/blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/Fri, 19 Jul 2019 21:01:09 -0400https://miscreants.github.io/blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/Trail of Bits recently completed a security assessment of Kubernetes, including its interaction with Docker. Felix Wilhelm’s recent tweet of a Proof of Concept (PoC) “container escape” sparked our interest, since we performed similar research and were curious how this PoC could impact Kubernetes. Quick and dirty way to get out of a privileged k8s […]