Comments (7)

drwetter avatar drwetter commented on June 25, 2024

Thanks!

You're right. Partly, however, it is there - in the threat model at least, see https://github.com/OWASP/Docker-Security/blob/master/001%20-%20Threats.md.

The concrete point belongs to D08. This needs to be filled with content and it was planned in the spring, when I had more time than I have now. Feel free to start with what you intended, similar to the scheme of the other points which have content. PRs are appreciated.

For k8s: Sigh, yes. What I had in mind is to at least add something like a remark in the respective points, like "you should use a ~proper network policy", "pod security policy" and "not rely on the IMO defaults". So in a sense mention the weak points but do not go into too much detail.

from docker-security.

Aut0R3V avatar Aut0R3V commented on June 25, 2024

Can this issue be closed?


javixeneize avatar javixeneize commented on June 25, 2024

Hi

I haven't had time to do this, apologies. Yes, close it and at some point I will try to complete it.


drwetter avatar drwetter commented on June 25, 2024

I'd rather leave this open at the moment, as on my list was a review of the vector-specific threats and maybe then an addition of specific threats.


Aut0R3V avatar Aut0R3V commented on June 25, 2024


drwetter avatar drwetter commented on June 25, 2024

@Aut0R3V : if you want to spend some cycles: you could work on a threat map like the one Timo contributed:
https://raw.githubusercontent.com/OWASP/Docker-Security/master/assets/threats.png

First, that should be in an editable format, preferably SVG. Then: It's halfway between the general threats / vectors as I described in the text and specific threats. So either it should be one or the other. ;-)

To give you an idea, I am attaching an SVG I used for a talk a while back, which can be used as a starting point.

Threats_v0.1.orange.svg.gz

PS + OT: Seems for security reasons I needed to gzip the SVG


Aut0R3V avatar Aut0R3V commented on June 25, 2024

Thanks a lot! I'll get started in some time.

