Security is more important than ever before, and Kubernetes is no exception. Fortunately, there are a lot of things that can be done to secure Kubernetes, and we’ll cover some of them in the next chapter. However, before we do this, it’s worth taking a moment to model some of the common threats.

Threat modeling

Threat modeling is the process of identifying vulnerabilities so that we can put measures in place to prevent and mitigate them. In this chapter, we’ll look at the popular STRIDE model and see how it can be applied to Kubernetes.

STRIDE defines six categories of potential threat:

• Spoofing
• Tampering
• Repudiation
• Information disclosure
• Denial of service
• Elevation of privilege

While the model is good, it’s important to keep in mind that no threat model guarantees to cover all possible threats. However, models like this are useful at providing a structured way to look at an entire system.

For the rest of this chapter, we’ll look at each of the six threat categories in turn. For each one, we’ll give a quick description, and then look at some of the ways it applies to Kubernetes and how we can prevent and mitigate vulnerabilities.

This chapter doesn’t attempt to cover everything. It’s intended to give you ideas and get you started.