├── .gitignore
├── 404.html
├── Gemfile
├── _config.yml
├── assets
    └── images
    │   └── README.md
├── index.md
├── info.md
├── leaders.md
├── tab_example.md
└── tab_faq.md

/.gitignore:
--------------------------------------------------------------------------------
1 | /Gemfile
2 | /Gemfile.lock
3 | /favicon.ico
4 | _site/

--------------------------------------------------------------------------------
/404.html:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | title: 404 - Not Found
4 | layout: col-generic
5 |
6 | ---
7 |
8 |
9 |
10 | WHOA THAT PAGE CANNOT BE FOUND
11 | Try the SEARCH function in the main navigation to find something. If you are looking for chapter information, please see Chapters for the correct chapter. For information about OWASP projects see Projects. For common attacks, vulnerabilities, or information about other community-led contributions see Contributed Content.
12 |
13 |
14 | If all else fails you can search our historical site.
15 |
16 |

--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | source 'https://rubygems.org'
2 | group :jekyll_plugins do
3 |   gem "github-pages"
4 | end

--------------------------------------------------------------------------------
/_config.yml:
--------------------------------------------------------------------------------
1 | remote_theme: "owasp/www--site-theme@main"
2 | plugins:
3 |   - jekyll-include-cache-0.2.0

--------------------------------------------------------------------------------
/assets/images/README.md:
--------------------------------------------------------------------------------
1 | # placeholder
2 |
3 | Put images you wish to link to in this folder
4 |
5 | link would be in form /assets/images/
6 |

--------------------------------------------------------------------------------
/index.md:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | layout: col-sidebar
4 | title: OWASP Kubernetes Security Testing Guide
5 | tags: kstg
6 | level: 2
7 | type:
8 | pitch: A comprehensive guide to Kubernetes Security Testing
9 |
10 | ---
11 |
12 | [![Creative Commons License](https://licensebuttons.net/l/by-sa/4.0/88x31.png)](https://creativecommons.org/licenses/by-sa/4.0/ "CC BY-SA 4.0")
13 |
14 | ## Our Vision
15 |
16 | ### "Create a comprehensive manual for Kubernetes Cluster Security Assessment"
17 |
18 | We are creating a comprehensive testing guide for Kubernetes cluster security assessment that takes a top-down approach to assessing the security of a cluster. The guide includes the methodology, tools, techniques and procedures (TTP) needed to execute an assessment that enables a tester to deliver consistent and complete results.
19 |
20 | ## Deliverables
21 |
22 | ### Kubernetes Security Testing Guide (KSTG)
23 |
24 | The KSTG is (aims to be) a comprehensive manual for Kubernetes security analysts and red teamers. It aims to help DevSecOps teams understand attacker TTPs and design effective countermeasures. The KSTG *proposes* to have the following high-level structure:
25 |
26 | 1. Introduction to Kubernetes Architecture and its Components
27 | 2. Kubernetes Cluster Threat Model
28 | 3. Container Security Assessment
29 | 4. Cluster Discovery and Recon
30 | 5. Cluster Security Assessment
31 | 6. Auditing against CIS Benchmarks
32 |
33 | ### Kubernetes Security Testing Checklist
34 |
35 | A checklist will be created based on the KSTG. This checklist is meant to be used as a reference by security testers during engagements.
36 |
37 | ### Kubernetes Security Testing Tools
38 |
39 | TBD
40 |

--------------------------------------------------------------------------------
/info.md:
--------------------------------------------------------------------------------
1 | ### Kubernetes Security Testing Guide Information
2 |
3 | * [Incubator Project](#)
4 |
5 | ### Classification
6 |
7 | * Documentation
8 |
9 | ### Audience
10 |
11 | * Builder
12 | * Breaker
13 | * Defender
14 |
15 | ### Downloads or Social Links
16 |
17 | * [Download](#)
18 | * [Meetup](#)
19 |
20 | ### Code Repository
21 |
22 | * [repo](#)
23 |
24 | ### Change Log
25 |
26 | * [changes](#)
27 |

--------------------------------------------------------------------------------
/leaders.md:
--------------------------------------------------------------------------------
1 | ### Leaders
2 |
3 | * [Madhu Akula](https://twitter.com/madhuakula)
4 | * [Abhisek Datta](mailto:abhisek.datta@gmail.com)
5 |

--------------------------------------------------------------------------------
/tab_example.md:
--------------------------------------------------------------------------------
1 | ---
2 | title: Example
3 | layout: null
4 | tab: true
5 | order: 1
6 | tags: example-tag
7 | ---
8 |
9 | ## Example
10 |
11 | Put whatever you like here: news, screenshots, features, supporters, or remove this file and don't use tabs at all.

--------------------------------------------------------------------------------
/tab_faq.md:
--------------------------------------------------------------------------------
1 | ---
2 | title: FAQ
3 | layout: null
4 | tab: true
5 | order: 4
6 | tags: kstg
7 | ---
8 |
9 | ## Project Roadmap
10 |
11 | TBD
12 |
13 | ## Community Meeting
14 |
15 | * Slack - TBD
16 | * Mailing list - TBD
17 |
18 | ## Source Code
19 |
20 | * https://github.com/OWASP/www-project-kubernetes-security-testing-guide
21 |
22 | ## How to contribute
23 |
24 | TBD
25 |
--------------------------------------------------------------------------------