1.
Introduction
2.
Kubernetes Introduction
2.1.
The Children's Illustrated Guide to Kubernetes
2.2.
High level overview of common resources
2.3.
Creating a playground with Katacoda
2.4.
Hands-on common use-cases
2.4.1.
Deploying an application using manifest
3.
Threat Model
3.1.
Terminology
3.2.
Threat Actors
3.3.
Trust Boundaries
3.4.
System Architecture
3.5.
Using the Threat Model
4.
Kubernetes Security Testing
4.1.
Discovery
4.1.1.
Fingerprinting Master Node
4.1.2.
Fingerprinting Worker Node
4.1.3.
Cluster Exposed Service Discovery
4.2.
Authentication and Authorization Testing
4.3.
Cluster Testing
4.4.
Container Testing
4.5.
Runtime Testing
5.
CIS Benchmark Audit for Kubernetes
6.
CIS Benchmark Audit for Docker
7.
References & Resources
Light (default)
Rust
Coal
Navy
Ayu
Kubernetes Security Testing Guide
Terminology
TBD - Use OWASP Threat Modeling terminology.