-
Book Overview & Buying
-
Table Of Contents
Learning Kubernetes Security - Second Edition
By :
This chapter introduced the basic concepts of threat modeling. We discussed the important assets, threats, and threat actors in Kubernetes environments. We discussed different security controls and mitigation strategies to improve the security posture of your Kubernetes cluster.
Then, we walked through application threat modeling, taking into consideration applications deployed in Kubernetes, and compared it to the traditional threat modeling of monolithic applications. The complexity introduced by the Kubernetes design makes threat modeling more complicated, as we’ve shown: more assets to be protected and more threat actors. More security control doesn’t necessarily mean more safety.
We introduced the MITRE ATT&CK framework and its controls and saw how beneficial it can be for defenders to map their security controls.
You should keep in mind that although threat modeling can be a long and complex process, it is worth implementing to grasp the...