Organizations around the globe are leveraging cloud native architectures, including containers, Kubernetes, and serverless platforms for running their applications. Container-as-a-Service (CaaS) Platforms, like Microsoft Azure Container Instances, offer a modern tech stack for deploying and managing containerized applications.
Recently, the Unit 42 security consulting group has identified the first known vulnerability that could enable one user of a public cloud service to break out of their environment and execute code on environments belonging to other users in the same public cloud service. This unprecedented cross-account takeover is known as Azurescape because Unit 42 discovered it in Microsoft ACI. Azurescape allowed an ACI user to gain administrative privileges over an entire cluster of containers, presenting tremendous risks to users.
In this webinar, Unit 42 researchers Ariel Zelivansky and Yuval Avrahami will discuss:
- How Azurescape works to allow administrative privileges over an entire cluster of containers
- Risks from threats like Azurescape and how it impacts public cloud environments
- How end users can remediate and respond to this risk