Table of contents

Containers * * * * * * * * * * *

Capabilities * * * * * *




  • Notary
    • Notary is a project that allows anyone to have trust over arbitrary collections of data

Kubernetes Kubernetes tool sheet -

  • kind
    • kind is a tool for running local Kubernetes clusters using Docker container “nodes”. kind was primarily designed for testing Kubernetes itself, but may be used for local development or CI.
  • How to Train Your Red Team (for Cloud Native) - @sublimino
  • K8s Attack Tree - Summary
    • The following threat model encompasses a series of attack trees and documentation targeting a generic Kubernetes installation. The aim of this work is to provide a detailed view of threats and mitigations that can be used as a checklist to identify common attack vectors for the platform and how a would be attacker could exploit configuration vulnerabilities within Kubernetes to achieve specific goals. This can then be used as a tool to test the security of an installation and gain visibility on the logging output that would be generated in the event of a potential attack.
  • 11 Ways (Not) to Get Hacked - Andrew Martin
    • Kubernetes security has come a long way since the project's inception, but still contains some gotchas. Starting with the control plane, building up through workload and network security, and finishing with a projection into the future of security, here is a list of handy tips to help harden your clusters and increase their resilience if compromised.
  • How to Train Your Red Team(for Cloud Native) - @sublimino, @controlplaneio(Aqua KubeSec Summit Nov19)