Posts under kubernetes threat matrix
The fifth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Defense Evasion, a grouping of techniques focused on concealing adversary actions intended to avoid detection. This includes tactics such as deleting evidence of an attacker’s presence or obfuscating how access to a resource was gained. You can find the first four articles in the series below:
Part four of our nine-part blog series on the various Kubernetes threat vectors and tactics covers Privilege Escalation, which encompasses techniques that enable an attacker to gain additional privileges that can be used to take more actions within the cluster and/or grant access to a wider scope of resources. These techniques include accessing or running a privileged container, taking advantage of roles with broad administrative privileges, and gaining access to cloud resources.