Security Documentation Directory Contents
Directory Purpose
This directory contains comprehensive documentation about security aspects of the Secure CINC Auditor Kubernetes Container Scanning platform.
Overview Files
| File | Description |
|---|---|
| index.md | Overview of security documentation |
| inventory.md | Directory listing of all security documentation |
Security Subdirectories
| Directory | Description |
|---|---|
| principles/ | Core security principles documentation |
| risk/ | Security risk analysis documentation |
| compliance/ | Compliance frameworks alignment documentation |
| threat-model/ | Threat modeling and mitigation documentation |
| recommendations/ | Security best practices and recommendations |
Security Principles Section
The principles/ directory contains:
| File | Description |
|---|---|
| index.md | Overview of security principles |
| least-privilege.md | Details on least privilege implementation |
| ephemeral-creds.md | Details on ephemeral credentials |
| resource-isolation.md | Details on resource isolation |
| secure-transport.md | Details on secure transport |
| inventory.md | Directory listing |
Risk Analysis Section
The risk/ directory contains:
| File | Description |
|---|---|
| index.md | Overview of risk analysis |
| model.md | Risk model and methodology |
| kubernetes-api.md | Risks for Kubernetes API approach |
| debug-container.md | Risks for Debug Container approach |
| sidecar-container.md | Risks for Sidecar Container approach |
| mitigations.md | Risk mitigation strategies |
| inventory.md | Directory listing |
Compliance Section
The compliance/ directory contains:
| File | Description |
|---|---|
| index.md | Overview of compliance documentation |
| dod-8500-01.md | DoD Instruction 8500.01 alignment |
| disa-srg.md | DISA Container Platform SRG alignment |
| kubernetes-stig.md | Kubernetes STIG alignment |
| cis-benchmarks.md | CIS Kubernetes Benchmarks alignment |
| approach-comparison.md | Compliance comparison of approaches |
| risk-documentation.md | Requirements for risk documentation |
| inventory.md | Directory listing |
Threat Model Section
The threat-model/ directory contains:
| File | Description |
|---|---|
| index.md | Overview of threat modeling |
| attack-vectors.md | Potential attack vectors |
| threat-mitigations.md | Threat mitigation strategies |
| token-exposure.md | Token exposure threats and mitigations |
| lateral-movement.md | Preventing lateral movement |
| inventory.md | Directory listing |
Recommendations Section
The recommendations/ directory contains:
| File | Description |
|---|---|
| index.md | Overview of security recommendations |
| enterprise.md | Enterprise security recommendations |
| ci-cd.md | CI/CD security recommendations |
| monitoring.md | Security monitoring recommendations |
| network.md | Network security recommendations |
| inventory.md | Directory listing |
Related Topics
- RBAC Configuration - Role-Based Access Control configuration
- Service Accounts - Service account management
- Token Management - Secure token handling
- Kubernetes API Approach - Standard approach security details
- Debug Container Approach - Debug container approach security details
- Sidecar Container Approach - Sidecar approach security details