Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their workloads to Kubernetes. While Kubernetes has many advantages, it also brings new security challenges that should be considered. Therefore, it is crucial to understand the various security risks that exist in containerized environments, and specifically in Kubernetes.
Microsoft has created an ATT&CK-like matrix comprising the major techniques that are relevant to container orchestration security, with a focus on Kubernetes.
Shared by Emil Tan, Skipper & Co-Founder of Div0.