Posts under Kubernetes Mitre Attack Matrix
Part six of our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Credential Access, a set of activities intended for stealing sensitive credentials such as application secrets, passwords, and tokens that may be used by either users or service accounts. These credentials can subsequently be used to gain access to resources that include applications, cluster resources (e.g., pods, controllers, or other Kubernetes objects), cloud resources, and others.
The fifth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Defense Evasion, a grouping of techniques focused on concealing adversary actions intended to avoid detection. This includes tactics such as deleting evidence of an attacker’s presence or obfuscating how access to a resource was gained. You can find the first four articles in the series below: