A
Let's get into the use case for risk profiling. In this example, StackRox ranks every single deployment according to risk under the Risk tab, and I'm going to go into the first example, for my visa processor, to show you how we calculate this risk index. The first thing we can see is that this deployment, which is the number one priority, is violating many of the default policies that are best practices that come out of the box.
A
This includes things like running a read-write root file system, running a privileged container, and having existing vulnerabilities that are particularly dangerous. Additionally, we see a number of suspicious process executions taking place inside this deployment, like netcat being installed and a reverse shell happening. And within the Process Discovery, StackRox automatically creates an allow list of what's expected and also creates a deny list based on unexpected behavior, and this is where those suspicious processes come from.
A
In addition to this, we're also going to see other things like its service configuration, so we see secrets being used in plain text. The SSH keys are actually readable. Capabilities like SYS_ADMIN are added to the container. A sidecar container is in privileged mode. My service reachability is wide: port 2020, port 22 is exposed, port 8080 is exposed, and I have no network policies. I have a number of components useful for attackers and, on top of that, my service account has been granted cluster admin privileges.
A
So in this way, StackRox is able to give you a very good idea of risk, not just from a container and an image perspective, but from a configuration in a Kubernetes context. Using this information, you could then notify the developers, work on policies to notify, or even enforce on some of these things. This has just been a quick example of how you would analyze a risk using StackRox. Thank you.