6 changes: 6 additions & 0 deletions Kubernetes/GOSS/CKAD/README.md
@@ -0,0 +1,6 @@
**Challenge**: Using [Goss](https://github.com/aelsabbahy/goss) and other tooling develop a validation framework for CKAD community challenges

**Expectation**: **Goss** YAML files and index directory/repo to point to the community challenge and its validation script/Checks

- e.g. [150 CKAD questions](https://medium.com/bb-tutorials-and-thoughts/practice-enough-with-these-questions-for-the-ckad-exam-2f42d1228552)
it would be nice to capture this within a community simulator and validator
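Review bot: the Expectation line leaves the deliverable underspecified; it asks for "Goss YAML files and index directory/repo" but does not say how the index maps a community challenge to its validation script, so a contributor cannot tell whether one goss.yaml per question, one per topic, or a single index file with per-challenge entries is wanted. Suggest stating the intended layout (for example one directory per challenge holding the challenge text, its `goss.yaml`, and any setup script) and the naming convention the index will key on, so that later PRs against this framework are consistent. The trailing "it would be nice to capture this within a community simulator and validator" reads as a continuation of the bullet above it; either indent it under the bullet or make it a sentence of the Expectation paragraph.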
18 changes: 18 additions & 0 deletions Kubernetes/GOSS/CKS/06_Monitoring_Logging_and_Runtime_Security.md
@@ -0,0 +1,18 @@
**Challenge**: Develop a validating tooling to check against challenge solutions targted toward resolving the the CKS objective "Monitoring, Logging and Runtime Security"
this could be 6 sub-tasks as described in the [CKS website](https://training.linuxfoundation.org/certification/certified-kubernetes-security-specialist/)

* Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
- Test can check an outputfile for known artifacts that were setup and examinee was supposed to find them using any technique/tooling he knows
* Detect threats within physical infrastructure, apps, networks, data, users and workloads
- that is quite a load of testing, we can break it into more small tests for each, starting with the doable
* Detect all phases of attack regardless where it occurs and how it spreads
- Based on Mitre attack, create an attack scenarios and see if examinee found out which attack we used after saving it in an outfile or providing a mitigation
* Perform deep analytical investigation and identification of bad actors within environment
- againt this could be an output of sysdig inspect with known artifacts
* Ensure immutability of containers at runtime
- check if we can write
* Use Audit Logs to monitor access
- genertae audit events (simulation) and see responses.

**Possible tooling**: use [Goss](https://github.com/aelsabbahy/goss) for local tests, for network it might be extra challenging, however, lets start small.
**Expectations**: score matrix, or GREEN pass for each task done.
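Review bot: several of the sub-task checks are not concrete enough to implement as a Goss test yet, and the file has typos that should be fixed before merge ("targted", "the the", "againt", "genertae", "Mitre attack" for MITRE ATT&CK). Specifically: "check if we can write" under "Ensure immutability of containers at runtime" should say what is inspected (for example that the pod spec sets a read-only root filesystem and that a write attempt inside the running container fails), since a Goss `command` or `file` test needs a defined target and expected result; "see responses" under "Use Audit Logs to monitor access" should name what the check reads (the audit log file and the event fields expected for the simulated action) rather than the examinee's response. The "Detect threats within physical infrastructure ..." item already notes it is too broad; suggest listing the first "doable" sub-test explicitly so the scoring matrix in Expectations has a defined row to start from.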