Skip to content

Latest commit

 

History

History
48 lines (27 loc) · 2.52 KB

README.md

File metadata and controls

48 lines (27 loc) · 2.52 KB

kubernetes-for-soc

In today's rapidly evolving technological landscape, Security Operations Center (SOC) analysts find themselves confronted with an increasingly daunting challenge. With a multitude of emerging technologies and constant transformations in existing ones, these professionals must grapple with the formidable task of comprehending each technology adopted by the organizations they safeguard.

Among these technologies, Kubernetes stands out as a pivotal and complex component. However, the accelerated pace of technological advancements leaves SOC analysts with limited time to acquire the in-depth knowledge and expertise required to effectively secure and/or monitor Kubernetes implementations.

This intricate balancing act between staying current with evolving technologies and maintaining robust security measures within a constrained timeframe underscores the pivotal role of SOC analysts in today's dynamic and high-stakes cybersecurity landscape.

To alleviate this burden, kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and knowledge necessary to perform their critical duties.

This Is Not

This Is

  • This is a collaborative and personal effort.
  • This is a project that is expected to evolve and gain from others' inputs.

Usage

For now, there are two main parts within kubernetes-for-soc:

  • threat model
  • SOC observability

In order to make the most out of the content, it would be preferable if you begin with the threat model and then SOC observability.

However, you are free to explore the content however you want. The point is that you are able to learn!

Coming Soon

  • Checklist of MUST-DO to have a Kubernetes cluster in a defensible position, maximising visibility and enabling efficient security monitoring.

Acknowledgements

I would like to thank the ControlPlane's Security Team, especially Andrew Martin and Francesco Beltramini, for their time and expertise in this collaboration.

Getting Help

If you have any questions about kubernetes-for-soc:

Your feedback is always welcome!