Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
View analytic
Wednesday, August 3 • 18:00 - 19:00
One Compromise to Rule Them All

Sign up or log in to save this to your schedule and see who's attending!

Welcome to the new age where technologies like DC/OS, Mesos, and Marathon will abstract your entire datacenter into a single logical computer but what happens when a single application or service within your DataCenter’s OS inevitability gets compromised?

Join us as we explore how a single compromise can enable an attacker to expand access by exploiting many of the technologies supporting a container centric datacenter including ZooKeeper, Marathon, Chronos, Mesos, Docker, and HAProxy. New modules will be released for EmPyre which will enable penetration testers and red teams to more efficiently identify and exploit vulnerabilities within these technologies.

Expertise in these technologies is not required since this presentation will cover briefly what you need to know about each service before highlighting how they can be manipulated by an attacker. The information presented is designed to be useful for both Offensive (Red Team) & Defensive (Blue Team) members.


Speakers
avatar for Bryce Kunz

Bryce Kunz

Red Team for the Marketing Cloud, Adobe
Bryce Kunz (a.k.a. @TweekFawkes) is an Information Security Researcher located in Salt Lake City, Utah. Bryce currently leads the security testing of Adobe's marketing cloud SaaS infrastructure via researching and developing custom exploits for web applications and other cloud based technologies. As a security professional, Bryce has spent time at various agencies (i.e. NSA, DoD, DHS, CBP) focusing on vulnerability research, penetration... Read More →


Wednesday August 3, 2016 18:00 - 19:00
Breaking Ground Florentine A