TTP
Definition
Tactics, Techniques, and Procedures (TTP) refer to the behavior patterns of cyber adversaries. Tactics describe the overall strategy or goal of an attack, techniques are the general methods used to achieve these goals, and procedures are the specific, detailed steps taken to execute a technique. Understanding TTPs helps in anticipating and mitigating potential threats by recognizing patterns and implementing appropriate defenses.
Secure Settings Example
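apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  securityContext:
    # Pod-level default: every container must run as a non-root user.
    runAsNonRoot: true
  containers:
    - name: secure-container
      image: secure-image:latest
      securityContext:
        # These two fields exist only in the container-level securityContext.
        readOnlyRootFilesystem: true
        allowPrivilegeEscalation: false
        capabilities:
          # Drop every Linux capability.
          drop:
            - ALL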
Insecure Settings Example
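apiVersion: v1
kind: Pod
metadata:
  name: insecure-pod
spec:
  securityContext:
    # Containers are allowed to run as root.
    runAsNonRoot: false
  containers:
    - name: insecure-container
      image: insecure-image:latest
      securityContext:
        # These two fields exist only in the container-level securityContext.
        readOnlyRootFilesystem: false
        allowPrivilegeEscalation: true
        capabilities:
          # Grants an extra capability instead of dropping any.
          add:
            - NET_ADMIN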
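
A small audit of the settings contrasted in the two manifests above, added here as an example and not taken from the original page. The function name audit_pod, the finding strings and the inline manifest dicts (constructed to mirror the page's two pods) are assumptions of this example.

```python
# Added example: audits the settings shown in the two manifests on this page.
CONTAINER_ONLY = ("readOnlyRootFilesystem", "allowPrivilegeEscalation", "capabilities")

def audit_pod(pod):
    """Return a list of (scope, finding) tuples for a Pod manifest dict."""
    spec = pod.get("spec") or {}
    pod_sc = spec.get("securityContext") or {}
    findings = []
    # These keys are not part of the pod-level securityContext, so a value
    # placed there never reaches the containers.
    for key in CONTAINER_ONLY:
        if key in pod_sc:
            findings.append(("pod", key + " set at pod level (container-only field)"))
    for c in (spec.get("initContainers") or []) + (spec.get("containers") or []):
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        # runAsNonRoot: a container-level value overrides the pod-level one.
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            findings.append((name, "runAsNonRoot not enforced"))
        # Unset is treated as insecure: writable root fs, escalation allowed.
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append((name, "root filesystem is writable"))
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append((name, "privilege escalation allowed"))
        caps = sc.get("capabilities") or {}
        if "ALL" not in [d.upper() for d in caps.get("drop") or []]:
            findings.append((name, "capabilities not dropped with ALL"))
        for cap in caps.get("add") or []:
            findings.append((name, "capability added: " + cap))
    return findings

# Constructed manifests mirroring this page's pods (fields at container level).
SECURE_POD = {"metadata": {"name": "secure-pod"}, "spec": {
    "securityContext": {"runAsNonRoot": True},
    "containers": [{"name": "secure-container", "securityContext": {
        "readOnlyRootFilesystem": True, "allowPrivilegeEscalation": False,
        "capabilities": {"drop": ["ALL"]}}}]}}
INSECURE_POD = {"metadata": {"name": "insecure-pod"}, "spec": {
    "securityContext": {"runAsNonRoot": False},
    "containers": [{"name": "insecure-container", "securityContext": {
        "readOnlyRootFilesystem": False, "allowPrivilegeEscalation": True,
        "capabilities": {"add": ["NET_ADMIN"]}}}]}}

if __name__ == "__main__":
    for pod in (SECURE_POD, INSECURE_POD):
        print(pod["metadata"]["name"], audit_pod(pod))
```

The pod-level check matters because readOnlyRootFilesystem and allowPrivilegeEscalation written under spec.securityContext do not harden any container, so a manifest can look locked down while its containers run with defaults.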