The total number of misconfigurations and vulnerabilities in the Kubernetes-goat environment #65
Comments
+1.
Makes a lot of sense. Let me document this in a draft and share it with you all to see if I missed anything, and we can improve it over time. Will work on this this week. @fadao23 @ijewelmas, I'd appreciate any suggestions or inputs about the format.
Hi @madhuakula, maybe I can try to help. So we need to put the risk level on each scenario here?
Or is it not like that? As each scenario might contain varied vulnerabilities & misconfigurations. CMIIW.
Appreciate it if you have some ideas on how we can do this, @za. Let's discuss this here before moving forward with implementation. Basically, we need to capture the list of vulnerabilities, misconfigurations, etc., in each scenario and flag them in a testable way using tools like Checkov, KICS, Kubescape, etc. against our Kubernetes Goat project. This way, we can ensure that we can map them to the Kubernetes Goat framework list of vulnerabilities and what these tools are able to find/identify. Finally, we can create a matrix something like https://github.com/tsale/EDR-Telemetry?tab=readme-ov-file#telemetry-comparison-table
Hello,
I was interested to understand the total number of intended misconfigurations and vulnerabilities in the Kubernetes-goat environment. It would be great to have this information in order to understand which tool is able to capture the most misconfigurations/vulnerabilities.
Thanks in advance!