Attack matrix for Kubernetes

Security research software engineer Yossi Weizman put together this guide for considering new security challenges when moving workloads to Kubernetes.

The MITRE ATT&CK® framework is a knowledge base of known tactics and techniques that are involved in cyberattacks. Having started with coverage for Windows and Linux, the MITRE ATT&CK matrices cover the various stages that are involved in cyberattacks (tactics) and elaborate on the known methods in each one of them (techniques).

MITRE ATT&CK framework tactics include:

  • Initial access
  • Execution
  • Persistence
  • Privilege escalation
  • Defense evasion
  • Credential access
  • Discovery
  • Lateral movement
  • Impact

When Azure Security Center started to map the security landscape of Kubernetes, they noticed that although the attack techniques are different from those that target Linux or Windows, the tactics are actually similar. To get the full picture, read this excellent article in full!

Tags devops kubernetes software-architecture containers golang