Introduction

The Kubernetes Security Testing Guide (KSTG) aims to be a comprehensive testing guide for Kubernetes cluster security assessment that covers a top down approach to assess the security of a cluster. The guide include methodology, tools, techniques and procedures (TTP) to execute an assessment that enables a tester to deliver consistent and complete results.

While developed primarily for security testers, it can help DevSecOps Teams understand attacker Tactics, Techniques and Procedures (TTP) and design effective countermeasures.

Reference

  • https://owasp.org/www-project-kubernetes-security-testing-guide/