MITRE ATT&CK Framework for Kubernetes and Container Runtime Security

Presented by

Zohar Kaufman, VP R&D & Ariel Shuper, VP Product

About this talk

The MITRE ATT&CK framework provides a threat matrix that guides administrators, developers, DevOps, security teams and others in protecting their networks, systems and endpoints from undesirable access and manipulation. But what about Kubernetes? What we are missing is a MITRE ATT&CK matrix that is interpreted for the Kubernetes environment – a matrix that connects the dots and provides the missing security context for Kubernetes security best-practices. At Portshift, we’ve brought this matrix to life. We’ve taken the concepts presented by Microsoft and the theory of a threat-based model from MITRE and implemented a matrix that is tailored for Kubernetes, helping our users actively detect potential threats in their Kuberetes clusters but also to create, implement and monitor their defense strategies and the security of their applications and deployments. With our K8SHIELD™ Framework, we’ve also released a graphical view that connects the dots for you with the familiar ATT&CK matrix, displaying the risks and their applicability to deployed clusters. This session is perfect for IT professionals like CTOs, CIOs and DevOps engineers. In this session we will discuss: - Tactics – the attack vector; the ultimate objective of an attacker - Documented attacks describing how adversaries achieved these tactics by using the associated techniques - Recommendations for remediation - a prioritized list of mitigation steps you should apply to give you the broadest protection

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (12)
Subscribers (1012)
Portshift is a Kubernetes-native security leader leveraging the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications protection. Portshift is the only solution offering an agentless approach, with a single Kubernetes admission controller for seamless integration.