16: Threat modeling Kubernetes

Security is more important than ever, and Kubernetes is no exception. Fortunately, there’s a lot you can do to secure Kubernetes, and you’ll see some ways in the next chapter. However, before doing that, it’s a good idea to model some of the common threats.

Threat modeling

Threat modeling is the process of identifying vulnerabilities so you can put measures in place to prevent and mitigate them. This chapter introduces the popular STRIDE model and shows how you can apply it to Kubernetes.

STRIDE defines six potential threat categories:

  • Spoofing
  • Tampering
  • Repudiation
  • Information disclosure
  • Denial of service
  • Elevation of privilege

While the model is good and provides a structured way to assess things, no model ...
