Explore attack tree vignettes for Containers as a Service applications and risk-centric threat models in this 57-minute conference talk by Tony Uceda Vélez, CEO of VerSprite Security, at AppSec Ca 2016. Delve into containerization, cloud adoption, and the containerization landscape while examining threat agents, attack actors, and use cases. Learn about open-source security testing, attack patterns, and the attack surface for containers. Analyze personal services, application decomposition, threat prognosis, and threat rates. Investigate weaknesses in bash docker, alternate attack paths, orchestration attacks, and the human element. Gain valuable insights into securing containerized applications and understanding the associated risks in this comprehensive presentation from the OWASP Foundation.
Attack Tree Vignettes for Containers as a Service Applications - Risk-Centric Threat Modeling
Overview
Syllabus
Introduction
Attack modeling
Outline
Containerization
Cloud adoption
Containerization landscape
Proliferation significance
Threat agent
Attack actors
Use cases
Opensource security testing
Attack patterns
Attack surface for containers
Animation
Personal Services
Application Decomposition
Threat Prognosis
Threat Rates
Weaknesses
Bash docker
Alternate attack path
Orchestration attack
The human element
Taught by
OWASP Foundation
