the microsegment

segment all the things

Thoughts on the Attack matrix for Kubernetes

This is just a datacenter

Introduction In a recent blog post Yossi Weizman talks about the Attack matrix for Kubernetes and i had a couple of thoughts about it. As Yossi rightly says, Kubernetes is becoming a vital part in the compute stack of many companies. What i hear in my network and during sessions with IT security teams is that they face new challenges with Kubernetes-based orchestration platforms. The container platforms are also perceived like a black box for traditional networking and IT security folks, so it makes sense to understand the security risks that are inherent to those platforms first.

Mitre ATT&CK and Segmentation

When people think about their strategic IT security projects, they often think of the last incident they were affected of and try to mitigate that, often by using technology only. This is a valid approach and probably is not so wrong, because we often see waves of incidents rolling in, the wannacry wave, other ransomware waves, certain exploit kits or malware waves. So it makes some sense to concentrate on those threats when they happen.