News

Starcross technology news, including chronicle of events, company news, API international trends, trending technology, policies and regulations, opinions and comments, etc.

Cloud Native Security Research Results of Starcross Technology Were Selected by The world’s Top Security Conference BlackHat

2022-05-20PV:50

The world’s top security conference Black Hat, which known as the “Oscar” in security field, has recently kicked off in Asia. The conference attracted extensive attention from researchers, technicians and security enthusiasts in the global security field. During this period, Starcross Technology was invited to participate in this year's Black Hat online topic speech to share the company’s results of cloud native security research to the world.

With a broader scope of cloud migration of enterprise, and the implementation of “new infrastructure” strategy and the “14th Five-Year plan”, China’s cloud computing is entering a new era of cloud native, which will support the development of key area including 5G, industrial networks, Internet of things, edge computing, as well as the  digital transformation and upgrading of enterprises.



Under new situations and circumstances, Starcross Technology actively applied cloud native and committed to protecting enterprise cloud assets. In the process of the transition from the “resource-centered” cloud native 1.0 era to the “application-centered” cloud native 2.0 era, we took constant exploration and active innovation to accelerate the development of China’s cloud native industry.



At the same time, At the Black Hat conference, Starcross Technology also shared the content of attack to cloud native Kubernetes, and gave a brief introduction to the security testing tool, which can help escape the container and take over the K8s cluster. There are more different attack techniques in K8s environments than in traditional host security. After entering into the container by using application vulnerabilities, we need to the current container position in K8s cluster first, and then use containers escape vulnerability, K8s component vulnerability or permissions control problem to implement further attacks, and we can also find K8s credentials to attack the cloud API service or any other network hosting service, etc.



Under the tide of digital transformation and reconstruction are happening all the time, and enterprises are also transforming from old business forms to new business forms. Only through perceiving changes in users’ needs more quickly and making adjustments, can we continue to accumulate advantages in the competition. With the increasing demand for agile, flexibility, personalization and intelligent business, cloud native technology will undoubtedly become an important weapon for enterprises to lead the cloud computing era. In the future, Starcross Technology will continue to strive to introduce the latest results to the world in the field of cloud native and network security research, discuss the security technology research results with strong security capabilities and show the world the security force of China.

Download Center

Name

Phone Number

Email

Position

Industry

Company

Success!