Cloud and Container Security
The industry recognizes InGuardians as a leader in cloud, container, and Kubernetes security. The InGuardians team regularly speaks and teaches Kubernetes and container security at top industry conferences, including RSA, Black Hat, Microsoft’s BlueHat, DEF CON, the Cloud Native Computing Foundation’s Security Day, and KubeCon. InGuardians teaches sold-out Black Hat classes on Linux, container, and more recently, Kubernetes security. The team has also developed Open Source projects for Kubernetes, including Peirates, a Kubernetes penetration testing tool, and Bustakube – a capture the flag Kubernetes cluster.
The services below are a subset of what InGuardians can do for your organization.
Kubernetes Penetration Testing
InGuardians is recognized as a leader in security testing for the Kubernetes and cloud-native ecosystem. InGuardians has developed both private and open source tools for Kubernetes penetration testing, including Peirates.
InGuardians has performed many Kubernetes penetration tests, attacking on-premises, public cloud-based, and hybrid clusters. The team’s experience spans multiple Kubernetes distributions, including OpenShift and Rancher’s K3S, and other installers, as well as managed Kubernetes environments, like Google Cloud’s GKE, Amazon’s EKS, and Microsoft Azure’s AKS.
Serverless Penetration Testing
InGuardians has tested many cloud environments, including applications that began their life in cloud-native environments, as “serverless” or “function as a service” deployments. The team’s experience with cloud APIs spans and exceeds the three major domestic cloud providers, Amazon’s AWS, Microsoft’s Azure, and Google Cloud. It’s not uncommon for our customers to contract InGuardians to advise on and test their migrations from the data center to the cloud. These can include everything from lift-and-shift deployments to rip-and-replace cloud-native deployments.
Cloud Security Architecture and Product Review Services
InGuardians understands that the use of Cloud-Native applications goes beyond replacing data center assets with cloud provider virtual machines. Cloud-Native architectures redefine how your organization develops, scales, and maintains services.
Whether companies design for a major cloud provider, use on-premises API technologies, or take a hybrid approach, their rising adoption of these technologies has widened this type of attack surface. With that in mind, InGuardians offers state-of-the-art Security Architecture Review and Product Review services, assessing the most important aspects of cloud security development and deployment, focusing on foundational services such as:
- Identity and Access Management
- Storage Services
- API Gateways and Network Defenses
- Orchestration and Containerization
- Detection and Logging
- Serverless / Functions as a Service
Cloud-Native Penetration Testing
In addition to Cloud Security Architecture Consulting Services, InGuardians offers Cloud-Native Penetration Testing, emulating adversaries’ attacks on cloud-based assets and applications. These tests are recommended after a security architecture review is complete or for more mature cloud deployments. They are restricted to the implementation of the cloud environment, not the underlying infrastructure.
During these engagements, multiple scenarios and techniques are employed. Some examples are:
- Cloud credential compromise through a public web application, escalated via unexpected cloud service use.
- Privilege escalation through over-privileged roles associated with underlying compute instances.
- Cloud API keys obtained through exposed code repository files.
- Attacking from the perspective of a compromised cloud user (assume-breach scenario).
Executive Consulting Services
If you are unsure of your business needs, our team of experts may assess your enterprise security posture and assist at strategic decision points. For example, the team can advise on both the advantages and likely pitfalls of a move to public, private, and hybrid clouds.
Whether you’re building a product that integrates an orchestration system or using APIs and orchestration systems to offer your services, InGuardians can both emulate attacks and advise on improvements, combining the mindset and creativity of an attacker with the professionalism and expertise of skilled security professionals.
Press and Speaking
InGuardians subject matter experts are available for press and public speaking opportunities. We write, we teach, we do.