Episode
Understanding the DevOps Threat Matrix | Defender for Cloud in the Field
In this episode of Defender for Cloud in the Field, Ariel Brukman joins Yuri Diogenes to talk about the DevOps Threat Matrix. Ariel talks about the process of creating a new threat matrix for a very complex domain such as DevOps, what it was found during the research process and how the research evolved to create this threat matrix. Ariel also talks about how to use the threat matrix to improve your DevOps defenses, and he gives examples of some common attacks against DevOps environments.
Chapters
- 02:49 - The research leading to DevOps Matrix publication
- 05:35 - Threats in the execution phase
- 08:50 - Privilege escalation phase
- 13:00 - Common patterns of attack
- 13:42 - Recommendations to build better defenses
Recommended resources
- Learn more
- Subscribe to Microsoft Security on YouTube
- Join our Tech Community
- For more about Microsoft Security
Connect
- Microsoft Security | Twitter: @msftsecurity | LinkedIn: /in/microsoft-security
In this episode of Defender for Cloud in the Field, Ariel Brukman joins Yuri Diogenes to talk about the DevOps Threat Matrix. Ariel talks about the process of creating a new threat matrix for a very complex domain such as DevOps, what it was found during the research process and how the research evolved to create this threat matrix. Ariel also talks about how to use the threat matrix to improve your DevOps defenses, and he gives examples of some common attacks against DevOps environments.
Chapters
- 02:49 - The research leading to DevOps Matrix publication
- 05:35 - Threats in the execution phase
- 08:50 - Privilege escalation phase
- 13:00 - Common patterns of attack
- 13:42 - Recommendations to build better defenses
Recommended resources
- Learn more
- Subscribe to Microsoft Security on YouTube
- Join our Tech Community
- For more about Microsoft Security
Connect
- Microsoft Security | Twitter: @msftsecurity | LinkedIn: /in/microsoft-security
Have feedback? Submit an issue here.