Attacking and Defending Amazon EKS [Cheat Sheet]

Attacking and defending Amazon EKS by understanding scenarios that map to the OWASP Top 10

Our live presentation on Attacking & Defending Amazon EKS sparked interesting questions and conversations regarding the biggest threats to Amazon EKS (and Kubernetes in general).

A great way to learn about Kubernetes security threats is to turn to resources from OWASP. Let’s take a look.

If you’re not already familiar with OWASP, they’re a nonprofit driven by volunteers, and they’ve been putting out fantastic free resources for years. Their most well known project is the “OWASP Top 10” which lists out the top 10 web application security risks…but not as well known is that they also have an OWASP Top 10 for Kubernetes Risks.

The open source tool that Georgi Vodenitcharov, CISSP demonstrated in our webinar called Kubernetes Goat has learning scenarios that map directly to the top 10 list so that you can learn about the risks and impacts hands-on. You can even do this all for free, since you have the ability to run it locally instead of in the cloud if you want.

Check out our cheat sheet below to see what I mean, and if you’d like to try it out, refer to our live presentation and to the K8s Goat project.

More free resources to keep learning about this:
➡️ More cheat sheets like this: https://cybr.com/tag/cheat-sheets/
➡️ Webinars: https://cybr.com/webinars

♻️ If you know anyone running Kubernetes or learning about it, help share to make sure they see this! ♻️

Kubernetes Security Risks from OWASP Top 10 mapping to Kubernetes Goat learning labs scenarios

Related Articles

Responses

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.