From b65e59d6f1eb692972e770b39fb8952e6c8f31dc Mon Sep 17 00:00:00 2001 From: rinao12 <121787861+rinao12@users.noreply.github.com> Date: Mon, 22 Jul 2024 15:25:12 +0300 Subject: [PATCH] SUB-3901 - New Attack Path -2: External facing database without authentication Signed-off-by: rinao12 <121787861+rinao12@users.noreply.github.com> --- .../workload-unauthenticated-service.json | 27 +++++++++++++++++++ controls/C-0274-unauthenticatedservice.json | 2 +- 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 attack-tracks/workload-unauthenticated-service.json diff --git a/attack-tracks/workload-unauthenticated-service.json b/attack-tracks/workload-unauthenticated-service.json new file mode 100644 index 00000000..42fddd22 --- /dev/null +++ b/attack-tracks/workload-unauthenticated-service.json @@ -0,0 +1,27 @@ +{ + "apiVersion": "regolibrary.kubescape/v1alpha1", + "kind": "AttackTrack", + "metadata": { + "name": "workload-unauthenticated-service" + }, + "spec": { + "version": "1.0", + "data": { + "name": "Initial Access", + "description": "An attacker can access the Kubernetes environment.", + "subSteps": [ + { + "name": "Execution (Vulnerable Image)", + "description": "An attacker can execute malicious code by exploiting vulnerable images.", + "checksVulnerabilities": true, + "subSteps": [ + { + "name": "Data Collection", + "description": "An attacker can gather data." + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/controls/C-0274-unauthenticatedservice.json b/controls/C-0274-unauthenticatedservice.json index 17d4e11b..d199fb92 100644 --- a/controls/C-0274-unauthenticatedservice.json +++ b/controls/C-0274-unauthenticatedservice.json @@ -11,7 +11,7 @@ ], "attackTracks": [ { - "attackTrack": "workload-external-track", + "attackTrack": "workload-unauthenticated-service", "categories": [ "Data Collection" ]