In the digital-first world and cloud-computing environments, Kubernetes adoption is on the rise. According to recent findings by the Kubernetes Adoption Survey, 68% of IT professionals increased their use of Kubernetes as a result of the pandemic. The primary drivers of the increased K8s adoption are faster deployments of new applications, increased automation, and cost reductions, among many others.
While the use of K8s has many benefits, and despite advances in many areas, the K8s stack has many challenges. The complexity of each layer of the stack - cloud, clusters, containers, and code - has raised the stakes, security-wise.
At Magalix, we are committed to addressing security risks in cloud-native environments and as such we present you with the MITRE ATT&CK Matrix for Enterprise policy pack.
MITRE ATT&CK is a framework and comprehensive knowledge base of adversary tactics and techniques that are involved in cyberattacks. The knowledge base can be used by the private sector, government, and the cybersecurity product and service community as a foundation for the development of specific threat models and methodologies.
The matrices of MITRE ATT&CK include tactics and techniques. The tactics are the various stages that are involved in cyberattacks while the techniques are the known methods in each one of the tactics.
The matrix shown in Figure 1 displays the attack tactics (shown across the top) and the individual techniques (listed down each column). At least one technique per tactic would be involved in an attack sequence, with a completed attack built by moving from left (Initial Access) to right (Impact).
Figure: Threat Matrix for Kubernetes
The MITRE ATT&CK framework can benefit organizations in various ways. It can be used to create adversary emulation scenarios to test and verify in-place cybersecurity controls against common adversary techniques. Organizations can also construct and test behavioural analytics, assess their infrastructure and tools, and create mitigation strategies for existing defenses.
By using these matrices, organizations can better understand their environment's attack surface and make sure they have adequate detection, mitigation, and remediation in place to avoid these risks.
The MITRE ATT&CK Framework is a great guideline to use when establishing a security baseline. Magalix has mapped each ATT&CK technique to a Policy so you can validate your security posture against a predefined set of policies out of the box. Because our Policies are organized by various standards such as the MITRE ATT&CK Framework, you immediately know how your clusters stand against industry-regarded best practices without any additional configuration.
With Magalix MITRE ATT&CK Policies, enterprises can:
One of the challenges with implementing a security framework is ensuring that each control is covered with an appropriate and scalable policy. A goal at Magalix is to simplify the understanding of your current security posture. Our Reports feature achieves this by providing a predefined report ready to help you understand a cluster’s state regarding the MITRE ATT&CK Framework.
Our Report allows you to view each control and the state of each one. By drilling down, you can discover how many policies cover a control, and how many entities are violating that control. Each Policy can then be expanded for further insights into the Policy’s state and any violating entities.
Magalix Policy Enforcement Platform has hundreds of out-of-the-box policies and templates - PCI DSS, Application-Based Policies, and MITRE ATT&CK - enabling companies to hit the ground running. Start a 30-day commitment-free trial and explore them all!