Fast Chat with Sheila A. Berta
Leading up to Black Hat USA, hear from Black Hat Review Board Members, Speakers, Trainers and Partners about their contributions to information security and the upcoming Black Hat event.
This week, we chat with Sheila A. Berta, who will teach "From Zero to Hero - Pentesting and Securing Docker Swarm & Kubernetes Environments" and present Briefing "Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes" at Black Hat USA 2020.
Last year at Black Hat Briefings you spoke about different ways to backdoor microcontrollers. What inspired you to look at how to implement advanced security features to secure Docker and Kubernetes for this year's Briefing presentation?
It's a good question; it might be interesting for someone to observe that I have switched from hardware and reversing to defense in Docker and Kubernetes. My passion for information security stretches across the length and breadth of this discipline. Every InfoSec area is correlated with many others, and my curiosity made me jump from one to another; that is why I have done deep research on cloud native technologies security, hardware hacking, car hacking, wireless (in)security, malware and many other areas. I define myself as an "offensive security researcher"; all my investigations so far have been from the offensive point of view. Today, regarding Docker and Kubernetes, I will speak from the other side of the desk for the first time. I have made this (temporary) change of my customs because I see that there is a huge need to speak about how to truly protect the containerized environments that are ruling the new era of infrastructure.
Will you be sharing any of the vulnerabilities you found in your research in your Training class?
Inevitably, while investigating in depth how these technologies work and the attack and defense mechanisms that can be applied, I discovered many interesting techniques that are incredibly useful for both RedTeam and BlueTeam professionals. I will explain them in detail in my class. Throughout the two days, black box, grey box and white box analysis will be covered on Docker, Docker Swarm (official Docker orchestrator) and Kubernetes (most popular orchestrator today). The training is designed to provide the students with practical applied security knowledge on containerization and orchestration from an offensive and defensive point of view.
What is your Training style? Can students expect labs, lectures...?
It is a strongly practical class. We have prepared more than 10 laboratories; the time will be distributed as 20% lecture vs 80% hands-on. The theory lessons will be used to explain the necessary concepts that will boost the practical exercises. The main focus will be dedicated to the hands-on laboratories. We believe that practice accompanied by dedicated tutoring is the best method to understand the acquired knowledge in depth. That is why we will give the class as a team; together with my co-trainer Sol, we will provide the support the students need so that no one is left behind in the practices.
How are you feeling about this year's event being virtual? Have you given any virtual talks or courses in the past?
Let me first say that I will really miss seeing my Black Hat friends in person this year! I have been attending Black Hat every year since I was 21 and have made many friends, both from the organization and among the people who frequently attend. I will very much miss enjoying the event in person. However, it has been the best decision for everyone's safety to migrate the event to the online format. Fortunately, I have some experience giving talks and webinars online; now we are doing it this way also for our customers at Dreamlab Technologies. In fact, in August of last year I gave the Black Hat webinar, so I'm familiar with the platform that Black Hat uses.
As a Black Hat Triple Threat, you have experience teaching Trainings, speaking at Briefings and presenting at Arsenal. Do you have any advice for people who are thinking about submitting in the future?
I feel very honored to be a "Black Hat Triple Threat". Arsenal was an excellent starting point for me; it helped me familiarize myself with the event. Black Hat Briefings has been a great challenge, and now I am very happy to give a talk for the third time! Regarding trainings, it is a fantastic place to share knowledge and I'm very much looking forward to it. I feel somehow the need to do it to balance how much the Black Hat community has given to me in the past. My advice to those who want to participate at Black Hat is to put enough effort into developing their proposal. Choose a research topic, prepare a detailed white paper, and take your time to develop a proposal for Black Hat that best describes the investigation, detailing what you will present. The Review Board needs to know as many details as possible about your talk or training.
I noticed on your blog that in your free time you enjoy break dancing and are an artist! Have you picked up any new hobbies lately? Is there somewhere we can see more artwork?
I love break dancing, but I haven't practiced it for some years. I have been putting a huge focus on my job lately, especially now that I have the responsibility of leading a new research unit. However, every so often I do some graffiti, and I started to skate again - which I have always liked since I was a kiddo - thanks to someone who motivated me to return to practicing it ;)
Sheila A. Berta is an offensive security specialist who started at 12 years old by learning on her own. At the age of 15, she wrote her first book about Web Hacking, published in several countries. Over the years, Sheila has discovered vulnerabilities in popular web applications and software, as well as giving courses at universities and private institutes in Argentina. She specializes in offensive techniques, reverse engineering, and exploit writing, and is also a developer in ASM (MCU and MPU x86/x64), C/C++, Python and Golang. As an international speaker, she has spoken at important security conferences such as Black Hat Briefings, DEF CON, HITB, Ekoparty, IEEE ArgenCon and others. Sheila currently works as Head of Research at Dreamlab Technologies.