This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Friday, October 11 • 2:30pm - 3:30pm
HX-3015 Deploying Cloud Native Red Team Infrastructure with Kubernetes, Istio and Envoy

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Larry will walk you thorugh the technical details of building nimble Red Team infrastructure that
leverages cloud native orchestration frameworks such as Kubernetes and service meshes
such as Istio. Special attention will be paid to containerizing and developing deployment
artifacts in Helm for popular C2 frameworks. Automated Kubernetes cluster deployment will be covered for AWS, Google Cloud, and Azure. Details will be given on configuring the Envoy proxy as a redirector and filter in order to obfuscate the infrastructure from unwanted probing by defenders. Techniques for real time monitoring of implant communication will be addressed. The talk will also review the recipes currently available in the Kubered framework (https://github.com/cloudc2/kubred) and other resources helpful for cloud native Red Team operations.

avatar for Larry Suto

Larry Suto

Consultant, SDCI
Larry Suto is an independent security consultant based out of Oakland, CA. and spends a lot of time researching using cloud infrastructure for all types of security testing. He does Windows penetration testing as much as possible and seeks to enlighten people on advanced ways to deploy... Read More →
avatar for Jeff Holden

Jeff Holden

CISO, CCC Technology Center
Jeff Holden works for a large college system as an Information Security Manager/jack of all trades.His favorite part of the job though is in the penetration testing of the colleges in the system. He also contributes to open source projects and releases his own code

Friday October 11, 2019 2:30pm - 3:30pm CDT
TEXAS BALLROOM - E Track 3 600 E Market St, San Antonio, TX Floor 4