Skip to content

Core Concepts

Overview

Security Emphasis

Understanding core concepts is essential for making informed security decisions. This learning path establishes a solid foundation in the security principles that underpin Kube CINC Secure Scanner.

This learning path introduces the fundamental concepts and security principles of Kube CINC Secure Scanner. By completing this path, you will understand the architecture, scanning approaches, and security considerations that form the foundation of the scanner.

Time to complete: 60 minutes

Target audience: DevOps engineers, Security professionals, Platform engineers

Security level: Basic to Intermediate

Prerequisites

  • Basic understanding of Kubernetes
  • Familiarity with container security concepts
  • Completed the New User Guide or equivalent experience

Learning Path Steps

Step 1: Architecture Overview

Security Consideration

Understanding the architecture helps you identify potential security boundaries and trust relationships between components.

  1. Review the architecture documentation:
  2. Architecture Overview
  3. Core Components
  4. Security Components

  5. Component Communication

  6. Study the architecture diagrams:

  7. Component Diagrams
  8. Deployment Diagrams

Estimated time: 20 minutes

Success criteria: You can describe the main components of Kube CINC Secure Scanner and how they interact from a security perspective.

Step 2: Scanning Approaches

Security Consideration

Each scanning approach has different security implications and tradeoffs that must be understood to make appropriate security decisions.

  1. Learn about the different scanning approaches:
  2. Approaches Overview
  3. Approach Comparison

  4. Decision Matrix

  5. Understand the details of each approach:

  6. Kubernetes API Approach
  7. Sidecar Container Approach
  8. Debug Container Approach
  9. Direct Commands Approach
  10. Helper Scripts Approach

Estimated time: 20 minutes

Success criteria: You can explain the security tradeoffs between different scanning approaches and identify which is most appropriate for different security scenarios.

Step 3: Security Model

Security Consideration

A thorough understanding of the security model helps you implement defense-in-depth strategies appropriate for your environment.

  1. Review the security model documentation:
  2. Security Overview
  3. Security Principles
  4. Threat Model

  5. Risk Model

  6. Understand potential attack vectors:

  7. Attack Vectors
  8. Lateral Movement

  9. Token Exposure

  10. Learn about mitigations:

  11. Threat Mitigations
  12. Risk Mitigations

Estimated time: 20 minutes

Success criteria: You can describe the security model, identify key risks, and explain relevant mitigations.

Security Considerations

This section provides a comprehensive overview of security considerations for understanding core concepts:

  • Trust Boundaries: Understand where trust boundaries exist between components and how they affect security decisions
  • Defense in Depth: Recognize how multiple security controls work together to provide layered defense
  • Security Tradeoffs: Understand the security implications of different architectural and deployment choices
  • Threat Awareness: Identify potential threats to the scanner and how they're mitigated in the design
  • Risk Management: Understand how risk is assessed and managed throughout the scanner's architecture

Compliance Relevance

This learning path helps address the following compliance requirements:

  • Security Control Documentation - Provides understanding needed to document security controls for audits
  • Risk Assessment - Establishes foundation for risk assessment activities
  • Security Architecture - Supports documentation of security architecture for compliance frameworks

Next Steps

After completing this learning path, consider: