diff --git a/attack-tracks/workload-unauthenticated-service.json b/attack-tracks/workload-unauthenticated-service.json new file mode 100644 index 00000000..1417c22c --- /dev/null +++ b/attack-tracks/workload-unauthenticated-service.json @@ -0,0 +1,27 @@ +{ + "apiVersion": "regolibrary.kubescape/v1alpha1", + "kind": "AttackTrack", + "metadata": { + "name": "workload-unauthenticated-service" + }, + "spec": { + "version": "1.0", + "data": { + "name": "Initial Access", + "description": "An attacker can access the Kubernetes environment.", + "subSteps": [ + { + "name": "Execution (Vulnerable Image)", + "description": "An attacker can execute malicious code by exploiting vulnerable images.", + "checksVulnerabilities": true, + "subSteps": [ + { + "name": "Data Collection", + "description": "An attacker can gather data." + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/controls/C-0274-unauthenticatedservice.json b/controls/C-0274-unauthenticatedservice.json index 17d4e11b..d199fb92 100644 --- a/controls/C-0274-unauthenticatedservice.json +++ b/controls/C-0274-unauthenticatedservice.json @@ -11,7 +11,7 @@ ], "attackTracks": [ { - "attackTrack": "workload-external-track", + "attackTrack": "workload-unauthenticated-service", "categories": [ "Data Collection" ]