Threat Model
Threat modeling is the process of identifying vulnerabilities so that we can put measures in place to prevent and mitigate them. In this chapter, we'll look at the popular STRIDE model and see how it can be applied to Kubernetes.
STRIDE defines six categories of potential threat:
- Spoofing
- Tampering
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
While the model is good, it's important to keep in mind that no threat model guarantees coverage of all possible threats. However, models such as this are useful in giving us a structured way to look at an entire system.
For the rest of this chapter, we'll look at each of the six threat categories of the STRIDE model in turn. For each one, we'll give a quick description, and then look at some of the ways it applies to Kubernetes and how we can prevent and mitigate the threat.
This chapter doesn't attempt to cover everything. It&apos...