The need for a deeper Kubernetes risk assessment framework beyond the current CIS benchmarks
- The current common Kubernetes risk assessment framework is based on the CIS benchmarks for Kubernetes
- The framework only covers security misconfigurations and doesn't go deeper than the security configurations of the various elements
- Real attacks can start by multiple elements expanding beyond security misconfigurations
- There is a need for an additional risk-assessment framework that can go deeper than the Kubernetes configurations, verifying that all other attack methods, steps, and stages are covered
- MITRE has crafted an ATT&CK matrix for containers/Kubernetes, which consists of tactics and techniques used in real attacks