Miguel Hernández
Staff Threat Researcher Engineer - Sysdig
Zaragoza, Spain
Actions
Miguel Hernández, Threat Research Engineer at Sysdig, is a lifelong learner with a passion for innovation. Over the past decade, Miguel has honed his expertise in security research, leaving his mark at prominent tech companies and fostering a spirit of collaboration through personal open-source initiatives. Miguel has been a featured speaker at cybersecurity conferences such as HITB, HIP, CCN-CERT, RootedCon, TheStandoff, and Codemotion.
Links
Area of Expertise
Topics
Secure your Prometheus server from indiscreet eyes or die by metrics
Prometheus has become the standard for monitoring Kubernetes services. It comes with a set of helpful exporters, and Kubernetes offers several metrics endpoints directly through the API. These features enable monitoring and troubleshooting of most situations that SREs face on a daily basis. But, what if an attacker accesses your Prometheus server? How much information can they get for fingerprinting the cluster? Kernel versions, IP addresses, instance types, library versions…the list goes on and on.
In this session, you will learn the best practices on how to secure your Prometheus server from curious eyes and what could be the consequences of not implementing them.
Detecting unexpected behavior and intrusions with Falco + Atomic Red Team
Tools like Falco - the open source container, cloud, and Kubernetes threat detection engine - aren’t immune to security and stability issues. In fact, vulnerabilities in security software can be some of the most devastating of all.
One of the most effective steps in securing software is ensuring all our security measures work as expected. The goal is to identify corner cases that could trigger potentially dangerous behavior and patch them when necessary.
In this workshop, Miguel and Vicente, will show how to validate Falco’s rules, using another open source project, Atomic Red Team As a user, you’ll learn the inherent risks of running security software in your cluster. If you’re a security expert, this talk will demonstrate the fully open source process and you’ll learn to deploy and test your favorite tool.
Miguel Hernández
Staff Threat Researcher Engineer - Sysdig
Zaragoza, Spain
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top