of attack techniques to Kubernetes https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/
with Rebuilt Kubernetes Threat Matrix

Add attack detection rules
・Add read environment variable from /proc files - falco#2193
・Add rule to detect bypass by symlink files - falco#2202
・Add containerd.sock to sensitive_vol_mount - k8saudit#146
・Add Launch Excessively Capable Pod into k8saudit rule - k8saudit#147

Fix attack detection rules
・Add GKE default pod into allowlist in Mount Launched rule - falco#2198
・Fix mount detection in falco_rules.yaml - falco#2199
・Fix k8saudit rule EphemeralContainers Created - k8saudit#151

Fix
・Add ka.sourceips in k8saudit plugin - k8saudit#143
・Add userAgent to auditEvent - stackdriver-webhook-bridge#16

Created 9 PRs to OSS
Contribute not only to Mercari but also to Kubernetes security