Dynamic Application Security Testing for Kubernetes Deployment: An Experience Report from Industry
While Kubernetes enables practitioners to rapidly deploy their software and perform container orchestration efficiently, the security of the Kubernetes-based deployment infrastructure is a concern for industry practitioners. A systematic understanding of how dynamic analysis can be used to secure Kubernetes deployments can aid practitioners in securing their own. We present an experience report in which we describe empirical findings from applying three dynamic application security testing (DAST) tools to a Kubernetes deployment used by “Company-Z.” From our empirical study, we find that (i) 3,442 recommended security configurations are violated in “Company-Z’s” Kubernetes deployment; and (ii) of the three studied DAST tools, Kubescape and Kubebench provide the highest support with respect to detecting 14 types of recommended security configurations. Based on our findings, we recommend that practitioners apply DAST tools to their Kubernetes deployments, and that security researchers investigate how to detect configuration violations dynamically in a running Kubernetes deployment.
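To make concrete what a "violated recommended security configuration" looks like when it is detected dynamically, i.e. from the live API object rather than from a manifest in source control, the following added example (not the paper's tooling, and not code from either Kubescape or Kubebench) checks one Pod object in the JSON shape that `kubectl get pod -o json` returns. The rules it applies are a hypothetical selection of widely recommended pod-level settings (host namespaces, default service-account token, privileged mode, privilege escalation, non-root enforcement, read-only root filesystem, dropped capabilities, resource limits, digest-pinned images); the page does not enumerate the 14 configuration types the paper studied, so no claim is made that these are them. The pod in `SAMPLE_POD_JSON` is constructed for the example: one container is deliberately misconfigured and one is configured as recommended.

```python
import json

# Constructed sample input (not data from the paper): one Pod object in the JSON
# shape the API server returns, e.g. from `kubectl get pod billing-api -n prod -o json`.
SAMPLE_POD_JSON = r'''{
  "apiVersion": "v1",
  "kind": "Pod",
  "metadata": {"name": "billing-api", "namespace": "prod"},
  "spec": {
    "hostNetwork": true,
    "serviceAccountName": "default",
    "containers": [
      {
        "name": "api",
        "image": "registry.example.com/billing-api:latest",
        "securityContext": {"privileged": true},
        "resources": {}
      },
      {
        "name": "log-shipper",
        "image": "registry.example.com/log-shipper@sha256:9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
        "securityContext": {
          "runAsNonRoot": true,
          "allowPrivilegeEscalation": false,
          "readOnlyRootFilesystem": true,
          "capabilities": {"drop": ["ALL"]}
        },
        "resources": {"limits": {"cpu": "100m", "memory": "64Mi"}}
      }
    ]
  }
}'''


def check_pod(pod: dict) -> list[str]:
    """Return a list of 'scope: rule' findings for one Pod object (hypothetical rule set)."""
    spec = pod.get("spec", {})
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    findings: list[str] = []

    # Pod-level settings that expose the node's namespaces to the workload.
    for flag in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(flag) is True:
            findings.append(f"pod/{name}: {flag} enabled")

    # The API defaults to the namespace's "default" service account with its token
    # automounted, which hands API credentials to code that rarely needs them.
    if spec.get("serviceAccountName", "default") == "default" \
            and spec.get("automountServiceAccountToken", True) is not False:
        findings.append(f"pod/{name}: default service account token automounted")

    pod_sc = spec.get("securityContext", {})
    for ctr in spec.get("containers", []) + spec.get("initContainers", []):
        findings.extend(check_container(name, ctr, pod_sc))
    return findings


def check_container(pod_name: str, ctr: dict, pod_sc: dict) -> list[str]:
    """Container-level checks; runAsNonRoot falls back to the pod securityContext."""
    cname = ctr.get("name", "<unnamed>")
    sc = ctr.get("securityContext", {})
    scope = f"pod/{pod_name}/container/{cname}"
    out: list[str] = []

    if sc.get("privileged") is True:
        out.append(f"{scope}: privileged container")
    # Missing counts as a violation: the field must be explicitly false.
    if sc.get("allowPrivilegeEscalation") is not False:
        out.append(f"{scope}: allowPrivilegeEscalation not set to false")
    if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
        out.append(f"{scope}: runAsNonRoot not enforced")
    if sc.get("readOnlyRootFilesystem") is not True:
        out.append(f"{scope}: writable root filesystem")
    dropped = {c.upper() for c in sc.get("capabilities", {}).get("drop", [])}
    if "ALL" not in dropped:
        out.append(f"{scope}: capabilities not dropped (no drop: [ALL])")

    limits = ctr.get("resources", {}).get("limits", {})
    for res in ("cpu", "memory"):
        if res not in limits:
            out.append(f"{scope}: no {res} limit")

    image = ctr.get("image", "")
    if "@sha256:" not in image:
        out.append(f"{scope}: image not pinned by digest ({image})")
    return out


def findings_for_sample() -> list[str]:
    """Run the checks over the constructed sample pod."""
    return check_pod(json.loads(SAMPLE_POD_JSON))


if __name__ == "__main__":
    for line in findings_for_sample():
        print(line)
```

Run against a real cluster by iterating over the `items` array of `kubectl get pods -A -o json` and calling `check_pod` on each; the `api` container in the sample yields eight findings and the pod itself two, while the `log-shipper` container yields none. Tools such as those studied in the paper apply a far larger rule set, including node and control-plane settings that no pod object can reveal.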
Wed 25 Jun (displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna)
14:00 - 15:20 | Testing 4 | Industry Papers / Research Papers / Demonstrations at Cosmos 3D | Chair(s): Antonio Mastropaolo, William and Mary, USA
14:00 (20m talk) | Detecting and Reducing the Factual Hallucinations of Large Language Models with Metamorphic Testing | Research Papers | Weibin Wu (Sun Yat-sen University), Yuhang Cao (Sun Yat-sen University), Ning Yi (Sun Yat-sen University), Rongyi Ou (Sun Yat-sen University), Zibin Zheng (Sun Yat-sen University)
14:20 (10m talk) | A Tool for Generating Exceptional Behavior Tests With Large Language Models | Demonstrations | Linghan Zhong (University of Texas Austin), Samuel Yuan (The University of Texas at Austin), Jiyang Zhang (University of Texas at Austin), Yu Liu (Meta), Pengyu Nie (University of Waterloo), Junyi Jessy Li (University of Texas at Austin, USA), Milos Gligoric (The University of Texas at Austin)
14:30 (20m talk) | Using Large Language Models to Support the Workflow of Differential Testing | Industry Papers | Arun Krishna Vajjala (George Mason University), Ajay Krishna Vajjala (George Mason University), Carmen Badea (Microsoft Research), Christian Bird (Microsoft Research), Jade D'Souza (Microsoft), Robert DeLine (Microsoft Research), Mikhail Demyanyuk (Microsoft), Jason Entenmann (Microsoft Research), Nicole Forsgren (Microsoft Research), Aliaksandr Hramadski (Microsoft), Haris Mohammad (Microsoft), Sandeepan Sanyal (Microsoft), Oleg Surmachev (Microsoft), Thomas Zimmermann (University of California, Irvine)
14:50 (20m talk) | Adaptive Random Testing with Qgrams: the Illusion Comes True | Research Papers | Matteo Biagiola (Università della Svizzera italiana), Robert Feldt (Chalmers / University of Gothenburg), Paolo Tonella (USI Lugano)
15:10 (10m talk) | Dynamic Application Security Testing for Kubernetes Deployment: An Experience Report from Industry | Industry Papers | Shazibul Islam Shamim (Kennesaw State University), Hanyang Hu (Company A), Akond Rahman (Auburn University)
Cosmos 3D is the fourth room in the Cosmos 3 wing.
When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.