Introduced Vulnerabilities through Rehosting
I took my first graduate-level class in spring 2025 about the foundations of cloud computing. Our labs were focused on learning the fundamentals of virtualization and containerization technologies, such as Vagrant, Docker, Kubernetes, KIND, Helm, & more. Graduate classes also require research, of course, and our final paper could be on pretty much anything, so I leaned into vulnerability research – what kinds of attack paths could be opened when a company decides to migrate to the cloud?
The paper is currently my proudest piece of research, but, of course, it has its flaws. I’d love to have spent more time exploring the vulnerabilities themselves and perhaps backing them up with CVEs, PoCs, and attack path visualizations, and maybe linking them to real-world data breaches. Feel free to read if the topic interests you, or if you, for some reason, own a company that’s thinking about rehosting.
Post published 06/29/2025, dated 05/02/2025 for chronology purposes.