June 26-27, 2024 | Seattle, WA

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Wednesday June 26, 2024 11:50am - 12:25pm PDT
433
In the event of a security breach, employing well-defined DFIR techniques becomes imperative to mitigate the incident's impact effectively. However, with the spreading adoption of containers, the employment of DFIR processes and capabilities is becoming increasingly complex. Join us in an insightful session that will cover cutting-edge DFIR practices on container environments. After a short overview of the essence of DFIR, we'll direct our focus towards various advanced DFIR techniques within a Kubernetes environment, which can prove highly beneficial in the event of a compromise. Starting from how to checkpoint compromised apps and restore them in a sandboxed environment for further analysis, we will move to how to conduct memory forensics on container evidence using old-style open-source DFIR tools. At the end of the presentation, the audience will be familiar with the advantages and disadvantages of the latest DFIR capabilities and will have the basics to understand how to use them.
Speakers
Stefano Chierici

Threat Research Lead Manager, Sysdig
Stefano Chierici is a Threat Research Lead Manager at Sysdig, where his research focuses on defending containerized and cloud environments from attacks ranging from web to kernel. Stefano is one of the Falco contributors, an incubation level CNCF project. He studied cyber security...
Alberto Pellitteri

Threat Research Engineer, Sysdig
Alberto Pellitteri is a security researcher with a speciality in Kubernetes and Docker technologies. Currently a security researcher at Sysdig, Alberto researches malware and attacks that target cloud infrastructure and vulnerable environments. As a contributor to open source projects...
  Observability + Detections + Response