1

I'm trying to create an assignment for students to do that contains the following :

  1. A docker image with issues that have to be scanned and remedied. (using an opensource scanner in kubernetes)
  2. (Maybe) A sample attack scenario that can exploit those vulnerabilities.

The problem arises when I try to find a suitable vulnerable image or create one. I cannot find a base of security issues at all. I really bend my back thinking of a suitable phrase in Google but everything leads merely to some blog posts about how-to scan an image. I expected a database that might contain multiple sec issues and what causes them. I'd also expect some way to discern which are the most popular ones.

Do you have the source I require ? Maybe you can just offer me 3-4 common security issues that are good to know and educational when having your first brush with docker ? (And how to create those issues ?)

The whole situation would have been probably easier if I myself would have been an expert in the field, but the thing I do is also my assignment as a student. (So as students we design assignments for each other. )

SirResnick2
  • 11
  • 2
  • Take a look at https://www.aquasec.com/products/container-security/,I am sure there are plenty orf resources here that can somehow help you. – Richard Rublev Dec 02 '22 at 05:40
  • You could pick a security vulnerability like [Log4J's RCE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832), find a version of Log4J which is vulnerable to this attack, and install it into an image. – Nick ODell Dec 02 '22 at 06:08

1 Answers1

1

Looks like you are looking for the Container security hardening and Kubernetes security options maybe.

You can use some tools like

  • kubesec - Security risk analysis for Kubernetes resources
  • checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open-source packages
  • Trivy - vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

If you are looking for some questions you can set like, this is CKS (Certified Kubernetes Security) exam question

  • There are a number of pods/container running in the "spectacle" namespace. Identify and delete the pods which have CRITICAL vulnerabilities.

For this trivy opensource tools comes into the picture to scan the image that you will be using in the deployment of Kubernetes or docker

trivy image --severity CRITICAL nginx:1.16 (Image running in container)

List of few questions you can create lab out of it : https://github.com/moabukar/CKS-Exercises-Certified-Kubernetes-Security-Specialist/tree/main/7-mock-exam-questions

Harsh Manvar
  • 27,020
  • 6
  • 48
  • 102