Loading…
Timezone
In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, October 14 • 11:00am - 11:35am
Know Your Enemy: Mapping Security Risks Using Threat Matrix for Kubernetes - Yossi Weizman & Ram Pliskin, Microsoft

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
In April, Microsoft released an updated version of the Threat Matrix for Kubernetes which was originally released in 2020. The Threat Matrix is a knowledge base for security threats that target Kubernetes. This matrix was the first attempt to systematically cover the attack landscape of Kubernetes. In this session, we will explain how defenders and SecOps engineers can use the matrix to protect their Kubernetes workloads. We will demonstrate how a real-world attack is mapped to the techniques in the matrix and how organizations can measure their coverage to the attack using the matrix. Inspired by the Threat Matrix for Kubernetes, MITRE expanded their ATT&CK framework to include also containers. In the session, we will examine the differences between the Threat Matrix and MITRE ATT&CK and explain how users can leverage both matrices to gain a better security visibility for their environments.
Speakers
RP

Ram Pliskin

Principal Security Research Manager, Microsoft
Ram is a Principal Security research manager in the Cloud Security Research team at Microsoft. Ram gained his expertise serving more than a decade for the IDF Intelligence Corp, where he had hands-on experience in research and software development. He also led a team of security researchers... Read More →
avatar for Yossi Weizman

Yossi Weizman

Senior Security Research Manager, Microsoft
Yossi Weizman is a Senior Security Research Manager at Microsoft Defender for Cloud. He has 12 years of experience in the security research field, starting in the Israeli military. In his current role, Yossi’s main focus is container security. Yossi holds a B.Sc. in Computer Science... Read More →

Know Your Enemy Mapping Security Risks Using Threat Matrix for Kubernetes Yossi Weizman Ram Pliskin 101421 V1 pdf
Thursday October 14, 2021 11:00am - 11:35am PDT
Room 408 AB + Online
  Security + Identity + Policy