Attacking (and Defending) Apache Kafka

When attacking any system, taking control of its central nervous system is the first step in infiltrating the core infrastructure and gaining control over its vital functions. Translating this to organization data, a clear target is Apache Kafka, the data hub increasingly adopted for mission-critical systems. This session explores the topic of attacking and defending Apache Kafka, shedding light on potential threats, attack vectors, and countermeasures.

Initially we’ll focus on understanding the potential attack surface of Apache Kafka. Defining attackers' objectives and vectors, including unauthorized access, injection attacks, misconfigurations, and distributed denial-of-service (DDoS). With the fundamental threat surface and actors understood, we’ll shift our focus to defensive strategies that protect Apache Kafka deployments. We will discuss and demonstrate best practices and security measures including ACLs, encryption, and monitoring that can help reduce the potential attacks.

Whether you’re directly managing Apache Kafka or it’s part of your data infrastructure, this talk will give you an idea of the security threats involved and how to be ready for them.