Skip to content
  • Sign In
  • Try Now
View all events
Cloud Computing

Kubernetes Threat Modeling

Published by O'Reilly Media, Inc.

Intermediate content levelIntermediate

Securing cloud native applications

The architectural differences between cloud native systems and their on-premises counterparts lead to distinct threat and risk profiles. While physical data center security is controlled by cloud providers, the cloud computing “shared responsibility model” requires that users secure their configuration. Cloud technologies change rapidly as vendors introduce new managed services and users evolve their usage of an ever-expanding tool set. To remain relevant, security must keep up with the speed of innovation.

This delivery-focused approach requires a thorough understanding of the system, its information assets, and any threats or risks posed by its use. Expert James Callaghan walks you through modern and lightweight threat modeling techniques that are designed for evolving cloud systems to help security and engineering teams increase the velocity and security of delivery. You’ll explore adversarial techniques and preventive and detective measures using an ill-fated example company, and you’ll build defensive security controls for the quantified impact of modern cloud threats.

What you’ll learn and how you can apply it

By the end of this live online course, you’ll understand:

  • Key controls to implement for cloud native systems
  • How to build an effective, lightweight threat model
  • When to hold, review, and repeat threat modeling workshops
  • Best practices to start your team threat modeling, what to avoid, and a lightweight framework to guide discussion
  • Why cloud native patterns change traditional ownership models

And you’ll be able to:

  • Gather the key information necessary to start threat modeling
  • Design and hold threat modeling workshops
  • Identify threats to your system using common identification techniques and enumeration sources
  • Develop and document controls to effectively mitigate identified threats and risks
  • Carry out retrospectives to determine the ongoing validity of a threat model

This live event is for you because...

You want to secure cloud native systems. You’re an architect or engineer inquisitive about securing cloud technologies or investigating threat modeling techniques for your job.

  • You’re a relative newcomer to threat modeling seeking an introduction to the core concepts and methodologies in a cloud native context.
  • You work with a team deploying cloud native solutions with a keen focus on security.
  • You aspire to become a security champion, driving decisions with a sound understanding of the threats in your organization’s business environment.

Prerequisites

  • A computer or virtual machine with 8+ GB of RAM with Docker Compose installed (v1.27.4+) (required to take part in hands-on exercises)
  • Access to OWASP Threat Dragon (online version or desktop app) or an A4 pad and pen
  • A basic understanding of the principles of cloud infrastructure

Recommended follow-up

Schedule

The time frames are only estimates and may vary according to how the class is progressing.

Threat modeling (60 minutes)

  • Presentation: What threat modeling is and how to make it simple; introducing an example company; building information flow diagrams; techniques for identifying threats; how to run a workshop
  • Q&A
  • Break

Enumerating catastrophe: What can go wrong? (60 minutes)

  • Presentation and demo: Key security differences between cloud native and on-premises systems; turning identified threats into an attack tree; leaked credentials
  • Hands-on exercise: Identify threats to an example company
  • Q&A
  • Break

Proactive prevention: What are we doing about it? (60 minutes)

  • Presentation: Risk management, business context, and how to implement controls; types of cloud native control; securing attack trees with controls
  • Hands-on exercise: Defend example company from predatory threats
  • Q&A
  • Break

Ongoing responsibilities: Are we doing a good job? (60 minutes)

  • Presentation: Threat modeling effectiveness reviews and workshop retrospectives; scaling and maturity models
  • Hands-on exercise: Review automated test output by pushing insecure code to a repository, then reviewing the output from a static analysis tool
  • Q&A

Your Instructor

  • James Callaghan

    Dr. James Callaghan is a Cloud Native Security Architect at Control Plane. He started off working as a Theoretical Physicist, but long nights of coding sparked an interest in how easy it can be for vulnerabilities and weaknesses to creep in, and thus a career in cyber security was born. James then spent a number of years consulting as a Security Architect for UK Government clients, where he specialized in designing secure Public Cloud architectures. A particular interest in container security led him to Control Plane, where he works with clients operating in highly regulated environments, helping them to protect their systems against the multitude of cyber threats facing any organization operating in the data age.