Welcome to the new age where technologies like DC/OS, Mesos, and Marathon will abstract your entire datacenter into a single logical computer but what happens when a single application or service within your DataCenter’s OS inevitability gets compromised?
Join us as we explore how a single compromise can enable an attacker to expand access by exploiting many of the technologies supporting a container centric datacenter including ZooKeeper, Marathon, Chronos, Mesos, Docker, and HAProxy. New modules will be released for EmPyre which will enable penetration testers and red teams to more efficiently identify and exploit vulnerabilities within these technologies.
Expertise in these technologies is not required since this presentation will cover briefly what you need to know about each service before highlighting how they can be manipulated by an attacker. The information presented is designed to be useful for both Offensive (Red Team) & Defensive (Blue Team) members.