Conference Recap: ControlPlane at KubeCon NA '23 Chicago
By Jasmine Andine
Welcome to an in-depth exploration of ControlPlane’s engagement at the 2023 edition of KubeCon North America! This blog will provide an overview of our involvement in the flagship gathering of the industry. From presentations to exciting Capture the Flag competitions, our journey at KubeCon North America spanned a spectrum of thrilling events.
- Capture-the-Flag Competition
- Book Signing
- TAG Security Hub
Once again ControlPlane returned to KubeCon + CloudNativeCon North America 2023 with Capture the Flag (CTF) events for the cloud native community to test their skills in Kubernetes, containers, and cloud native security. At the Security Hub (Room 470AB), attendees took part individually or in teams in an attempt to solve three increasingly difficult challenges. This year’s CTF attracted over 100 players, with groups of attendees collaborating to gain hands-on experience from peers and friends, hacking workloads and understanding how to bypass security controls. We are grateful to the CNCF for supporting us in the running of the event, and a huge thank you to everyone who participated!
We greatly appreciated the feedback we received. CTF superstar Jennifer Munoz enjoyed the event so much that she came by the booth to thank us personally the next day.
Updating the Kubernetes Threat Model - Robert Ficcaglia & Francesco Beltramini
Kubernetes SIG-Security led an effort in 2022-2023 to audit Kubernetes. However, the threat model used in this effort has not been refreshed since 2019. This community-led effort is working to refresh the threat model, and also to make the process and methodology completely transparent and documented so that it can serve as a template and how-to guide for all Kubernetes and CNCF projects and subprojects to adopt for their own threat modeling efforts. The output of this refreshed Kubernetes threat model will be used immediately to guide the next Kubernetes audit project.
Participants learned about the latest methodologies considered in threat modeling Kubernetes, and the comparative pros and cons of different approaches to investigation, coming away with a practical template for applying the concepts to their own Kubernetes deployments and infrastructure.
Exploring the ArgoCD End-User Threat Model - Torin van den Bulk & James Callaghan
Enlisted by the Linux Foundation, ControlPlane explored GitOps hardening strategies by conducting a comprehensive threat modeling exercise that identified nineteen threats, including six high-priority threats, illuminating critical data assets and outlining the process flow of data within an Argo CD-enabled (Kubernetes) cluster architecture. Complemented with a demo multi-tenant Argo CD deployment on AWS EKS, this exercise emulated an end-user implementation of the tooling. After assessing this demo environment for potential risks, security threats were mapped out within detailed attack trees to help pave the way towards practical and actionable end-user mitigation strategies.
Holistically, the following key initiatives were implemented as part of the threat modelling exercise:
- In-depth threat assessment based on a multi-tenant deployment of Argo CD across multiple Kubernetes clusters
- Mapping enumerated threats into detailed attack trees to better visualise and understand exploit paths and mitigating controls
- Outlining high priority threats and recommendations to provide clear guidance to end-users
As presented by Torin van den Bulk and James Callaghan at this year’s ArgoCon, the resulting security solutions provided a multitude of benefits to the Linux Foundation, including:
- Strengthened end-user confidence in deploying Argo CD through actionable recommendations and security control strategies
- Streamlined deployment considerations for running Argo CD in multi-tenant mode
- Cooperation with the project maintainers to ease security and triage overhead
- Drawing attention to one of the forefront technologies in declarative GitOps
Threat Modeling the Envoy Gateway Project - Torin van den Bulk & James Callaghan
At this year’s EnvoyCon, Torin and James navigated through the nuances of Envoy Gateway, an open source project aimed at managing Envoy Proxy as a Kubernetes-based (or standalone) application gateway. Envoy Gateway is configured by Gateway API resources (the successor to Kubernetes Ingress) that are used to provision and configure managed Envoy Proxies. Our session presented a detailed Envoy Gateway Threat Model curated by ControlPlane at the behest of the Linux Foundation, and shared our findings with the open-source community.
The session covered:
- An overview of Envoy Gateway’s design components and capabilities through a lens of threat-driven analysis and design.
- An exploration of our security analysis, complete with attack trees, to stimulate confidence in deploying Envoy Gateway as an edge proxy in a Kubernetes cluster.
- A live demo of adversarial attacks against Envoy Gateway deployed to a Kubernetes cluster. You can run the demo for yourself here: https://github.com/controlplaneio/threat-modelling-envoy-gateway-talk
- A summary of conversations so far with the project maintainers, paving the way for a more secure implementation of Envoy Gateway for end users.
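To make the configuration model described above concrete, here is an added example of the Gateway API resources that drive an Envoy Gateway deployment. It is not code from the talk, the threat model, or the Envoy Gateway project; the names `eg`, `infra`, `edge`, `tenant-a`, `web-svc`, the hostnames and the `edge-tls` Secret are constructed placeholders. The one threat-model-relevant choice it illustrates is on the Gateway listener: `allowedRoutes.namespaces.from: All` would let any namespace in a multi-tenant cluster attach routes to the shared edge listener, whereas a label selector limits attachment to namespaces the platform team has explicitly approved.

```yaml
# Added example (not from the page or the Envoy Gateway project).
# All names and hostnames below are constructed placeholders.
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: eg
spec:
  # Envoy Gateway's controller reconciles Gateways of this class.
  controllerName: gateway.envoyproxy.io/gatewayclass-controller
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: edge
  namespace: infra          # platform-owned namespace
spec:
  gatewayClassName: eg
  listeners:
    - name: https
      protocol: HTTPS
      port: 443
      hostname: "*.example.internal"   # constructed
      tls:
        mode: Terminate
        certificateRefs:
          - kind: Secret
            name: edge-tls               # assumed to exist in "infra"
      # Weak setting: `from: All` lets every namespace attach routes.
      # Restricted setting: only namespaces carrying the approval label may.
      allowedRoutes:
        namespaces:
          from: Selector
          selector:
            matchLabels:
              gateway-access: allowed
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: web
  namespace: tenant-a       # must be labelled gateway-access=allowed
spec:
  parentRefs:
    - name: edge
      namespace: infra
  hostnames:
    - "web.example.internal"             # constructed
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: web-svc                  # Service in tenant-a
          port: 8080
```

After applying these, the HTTPRoute's status conditions report whether the parent Gateway accepted it; a route from a namespace without the `gateway-access: allowed` label is rejected rather than silently served, which is the behaviour you want to verify when reviewing a multi-tenant gateway.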
We thoroughly enjoyed talking to hundreds of conference attendees at yet another successful KubeCon booth, with inquisitive cloud-native security aficionados coming from North and South America, APAC, and Europe. ControlPlane supports engineering in all of those territories, and we are particularly excited about KCD Sao Paulo, where CEO Andrew Martin will keynote next February.
Our ControlPlane swag was again very successful, and we ran out of most educational and sartorial items on the final day! The brilliant Cloud Native Security, SecOps, Intro to Cloud Native, and Containerization flashcards are so popular that we have to ship them to booth visitors who missed out. If you’d like to run a lunch and learn or test yourself on cloud native security, contact us, and we’ll ship you a pack.
TAG Security Hub
The Security Hub was a great success, featuring a Security Slam awards ceremony, unconference, and Ask TAG Security event running in parallel with the CTF. We welcomed contributors from across the globe and enjoyed the chance to collaborate with participants old and new. The VMware CSI Driver threat modelling session with CNCF’s SIG Security was a particular highlight.
AI discussions were the surging undercurrent of the event, with many security companies integrating LLMs and ML anomaly detection into their products. As Greg Castle noted, the impetus to secure their platforms is currently superseded by the AI/ML hype cycle as investors seek to maximize gains by attaining first-to-market status. However, we expect the hype to peak in the next 6-12 months, and the focus on data and model security will once again achieve the scrutiny it deserves. For more information on ControlPlane’s stance, see this talk by Francesco Beltramini on “Securing AI in Space” at KCD UK in October 2023.