Skip to content

Commit

Permalink
Merge pull request #505 from kubescape/ac-nodes
Browse files Browse the repository at this point in the history 
change node names + add description
  • Loading branch information
@YiscahLevySilas1
YiscahLevySilas1 authored Sep 10, 2023
2 parents 49a4a32 + 5bcbab3 commit 546619d
Show file tree
Hide file tree
Showing 13 changed files with 33 additions and 23 deletions.
6 changes: 4 additions & 2 deletions attack-tracks/service-destruction.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,12 @@
"spec": {
"version": "1.0",
"data": {
"name": "Workload Exposure",
"name": "Initial Access",
"description": "An attacker can access the Kubernetes environment.",
"subSteps": [
{
"name": "Service Destruction"
"name": "Denial of service",
"description": "An attacker can overload the workload, making it unavailable."
}
]
}
Expand Down
24 changes: 16 additions & 8 deletions attack-tracks/workload-external-track.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,29 +7,37 @@
"spec": {
"version": "1.0",
"data": {
"name": "Workload Exposure",
"name": "Initial Access",
"description": "An attacker can access the Kubernetes environment.",
"subSteps": [
{
"name": "Vulnerable Image",
"name": "Execution (Vulnerable Image)",
"description": "An attacker can execute malicious code by exploiting vulnerable images.",
"checksVulnerabilities": true,
"subSteps": [
{
"name": "Data Access"
"name": "Data Collection",
"description": "An attacker can gather data."
},
{
"name": "Secret Access"
"name": "Secret Access",
"description": "An attacker can steal secrets."
},
{
"name": "Credential access"
"name": "Credential access",
"description": "An attacker can steal account names and passwords."
},
{
"name": "Potential Node exposure"
"name": "Privilege Escalation (Node)",
"description": "An attacker can gain permissions and access node resources."
},
{
"name": "Persistence"
"name": "Persistence",
"description": "An attacker can create a foothold."
},
{
"name": "Network"
"name": "Lateral Movement (Network)",
"description": "An attacker can move through the network."
}
]
}
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0009-resourcelimits.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{
"attackTrack": "service-destruction",
"categories": [
"Service Destruction"
"Denial of service"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0041-hostnetworkaccess.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Network"
"Lateral Movement (Network)"
]
}
]
Expand Down
4 changes: 2 additions & 2 deletions controls/C-0044-containerhostport.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,13 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Workload Exposure"
"Initial Access"
]
},
{
"attackTrack": "service-destruction",
"categories": [
"Workload Exposure"
"Initial Access"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0045-writablehostpathmount.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Potential Node exposure"
"Privilege Escalation (Node)"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0046-insecurecapabilities.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Potential Node exposure"
"Privilege Escalation (Node)"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0048-hostpathmount.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Potential Node exposure"
"Privilege Escalation (Node)"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0211-applysecuritycontexttoyourpodsandcontainers.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Potential Node exposure"
"Privilege Escalation (Node)"
]
}
]
Expand Down
4 changes: 2 additions & 2 deletions controls/C-0256-exposuretointernet.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Workload Exposure"
"Initial Access"
]
},
{
"attackTrack": "service-destruction",
"categories": [
"Workload Exposure"
"Initial Access"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0257-pvcaccess.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Data Access"
"Data Collection"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0258-configmapaccess.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Data Access"
"Data Collection"
]
}
]
Expand Down
2 changes: 1 addition & 1 deletion controls/C-0260-missingnetworkpolicy.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
{
"attackTrack": "workload-external-track",
"categories": [
"Network"
"Lateral Movement (Network)"
]
}
]
Expand Down

0 comments on commit 546619d

Please sign in to comment.