Slide 10
Slide 10 text
Demo Environment Details
K8S cluster running on an EC2 node (with IMDSv1).
• Vulnerable Spring Boot Application
• Falco as a daemon set on k8s cluster
• Falco Sidekick
• Falco Sidekick UI
• Falco Cloudtrail plugin
• Falco AWS Cloudtrail terraform module
An attacker host to execute the infiltration and exploit of the attack.
• Rootkit installed.
• Other tools to escalate privileges and lateral movement.