ycliper

Популярное

Музыка Кино и Анимация Автомобили Животные Спорт Путешествия Игры Юмор

Интересные видео

2025 Сериалы Трейлеры Новости Как сделать Видеоуроки Diy своими руками

Топ запросов

смотреть а4 schoolboy runaway турецкий сериал смотреть мультфильмы эдисон
Скачать

Your Kubernetes Clusters Are NOT Safe! | IngressNightmare Explained

cybersecurity

infosec

cloud

cloud security

black hat

blackhat usa

security training

aws

azure

google cloud

gcp

multicloud

appsec

appsecengineer

application security

training

security

devsecops

SAST

DAST

CICD

software development

developers

cloud engineers

Devops

secure coding

secure code

compliance

PCI DSS

security standards

compliance training

role-based training

webinar

Автор: AppSecEngineer

Загружено: 2025-03-26

Просмотров: 423

Описание: Train Your Engineers in Secure Coding and DevSecOps: https://www.appsecengineer.com/enterp...

Ingress-NGINX is a Kubernetes Ingress controller that leverages NGINX as a reverse proxy and load balancer. Its function is to manage and route traffic from external source to various services inside a Kubernetes cluster. The four vulnerabilities specifically affect the admission controller component of NGINX Controller for Kubernetes, which is responsible for validating and/or modifying incoming Ingress objects and other resources before they are processed by the API server.

The vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands in affected environments and completely take over Kubernetes clusters, according to researchers at Wiz who discovered the flaws.

In this video, Abhay Bhargav explains how the IngressNightmare exploit works, how it could affect your Kubernetes clusters, and what can be done to prevent your infrastructure from being compromised.

#appsec #applicationsecurity #appsecengineer #securecoding #infosectraining #cybersecurity #kubernetes #containersecurity

00:00 Introduction to Ingress Nightmare Vulnerability
00:45 Understanding Kubernetes Ingress Controllers
01:41 Details of the NGINX Ingress Controller Vulnerability
02:33 How the Vulnerability Works
05:10 Implications and Severity of the Vulnerability
07:19 Mitigation and Patching Recommendations


References:
Wiz.IO Disclosure Website for IngressNightmare: https://www.wiz.io/blog/ingress-nginx...

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...
Your Kubernetes Clusters Are NOT Safe! | IngressNightmare Explained

Поделиться в:

Доступные форматы для скачивания:

Скачать видео

  • Информация по загрузке:

Скачать аудио

Похожие видео

This Next.js Exploit Could Break Your Web Apps | Middleware Bypass Explained

This Next.js Exploit Could Break Your Web Apps | Middleware Bypass Explained

Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster

Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster

one request = full remote code execution (IngressNightmare Kubernetes hack explained)

one request = full remote code execution (IngressNightmare Kubernetes hack explained)

Kubernetes CKS Full Course Theory + Practice + Browser Scenarios

Kubernetes CKS Full Course Theory + Practice + Browser Scenarios

Kubernetes  [FULL COURSE in 10 Hours with realtime tasks] #saikiranpinapathruni

Kubernetes [FULL COURSE in 10 Hours with realtime tasks] #saikiranpinapathruni

Ликвидация главы ФСБ? / Спецоперация спецслужб

Ликвидация главы ФСБ? / Спецоперация спецслужб

How to upgrade Kubernetes cluster in Prod ? |  Complete Process with Demo and Interview Questions

How to upgrade Kubernetes cluster in Prod ? | Complete Process with Demo and Interview Questions

NGINX Explained - What is Nginx

NGINX Explained - What is Nginx

Kubernetes and EKS for Beginners – Crash Course with Pulumi

Kubernetes and EKS for Beginners – Crash Course with Pulumi

Kubernetes NodePort vs LoadBalancer vs Ingress

Kubernetes NodePort vs LoadBalancer vs Ingress

© 2025 ycliper. Все права защищены.



  • Контакты
  • О нас
  • Политика конфиденциальности



Контакты для правообладателей: [email protected]