Understanding the DevOps Threat Matrix
Episode description: In this episode of Defender for Cloud in the Field, Ariel Brukman joins Yuri Diogenes to talk about the DevOps Threat Matrix. Ariel talks about the process of creating a new threat matrix for a very complex domain such as DevOps, what it was found during the research process and how the research evolved to create this threat matrix. Ariel also talks about how to use the threat matrix to improve your DevOps defenses, and gives examples of some common attacks against DevOps environments.
- 02:49 - The research leading to DevOps Matrix publication
- 05:35 - Threats in the execution phase
- 08:50 - Privilege escalation phase
- 13:00 - Common patterns of attack
- 13:42 - Recommendations to build better defenses
Recommended resources
Learn more about the DevOps Threat Matrix
Subscribe to Microsoft Security on YouTube
Learn more about Microsoft Security
Follow us on social media:
Join our Tech Community