Type
Configuration Scanning
D3FEND Tactic
Platform Hardening (D3-PH)
TL;DR
Scans cloud setups for compliance and security best practices.
Description
The process of continuously scanning cloud environments to ensure that configurations adhere to security best practices and compliance requirements.
Techniques
Abuse of cross-job access in CI/CD systemPropagation via KubeletPublic exposure abuseK8s anonymous auth abuseAzure Arc abuseAzure Run Commands abuseAzure Batch abuseAzure AD abuseAppstream abuse