A Purple Team Approach to Attack Automation in the Cloud Native Environment
School of Science
Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Date
2022-08-22
Major/Subject
Security and Cloud Computing
Mcode
SCI3113
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
68
Abstract
The threat landscape is changing with the increased popularity of cloud native systems. Adversaries are adopting new ways to attack systems. Therefore, security specialists have to adopt new approaches to their security practices. This thesis explores a purple team approach to attack automation in a cloud native environment. There are two thesis goals. The first goal is to investigate cyber threats encountered in cloud native environments. The second goal is to build an attack automation tool to improve purple team evaluation of cloud native environments. As a result, we create a more comprehensive resource of cloud native threats that we refer to as the Cloud Native Threat Matrix. Based on this matrix, we build a tool for attack automation. The tool follows the assume breach approach, providing defense-in-depth security testing. As a final step, we propose an improvement to the purple team evaluation of cloud native environments that combines the created Cloud Native Threat Matrix with automated execution of attack techniques and active collaboration, a fundamental concept of purple team evaluations. The Cloud Native Threat Matrix solves the problem of scattered threat data, providing a coherent and easy-to-use platform. In addition, the automation makes it possible to rerun security evaluations and make sure that security weaknesses are not re-introduced during major changes. A purple team approach allows improving system defense and response capabilities.
Supervisor
Di Francesco, Mario
Thesis advisor
Ekstedt, Mathias
Makkonen, Tuomo
Keywords
automation, cloud native, security, threat