A Purple Team Approach to Attack Automation in the Cloud Native Environment

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu | Master's thesis
Date
2022-08-22
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3113
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
68
Series
Abstract
The threat landscape is changing with the increased popularity of cloud native systems. Adversaries are adopting new ways to attack systems. Therefore, security specialists have to adopt new approaches to their security practices. This thesis explores a purple team approach to attack automation in a cloud native environment. There are two thesis goals. The first goal is to investigate cyber threats encountered in cloud native environments. The second goal is build an attack automation tool to improve a purple team evaluation of the cloud native environments. As a result, we create a more comprehensive resource of cloud native threats that we refer to as the Cloud Native Threat Matrix. Based on this matrix, we build a tool for attack automation. The tool follows the assume breach approach, providing defense-in-depth security testing. As a final step, we propose an improvement to the purple team evaluation of the cloud native environments, that combines created Cloud Native Threat Matrix with an automated attack techniques execution and active collaboration as a fundamental concept of purple team evaluations. A Cloud Native Threat Matrix solves the problem of scattered threat data, providing a coherent and easy-to-use platform. In addition, the automation provides a possibility for rerunning security evaluations and making sure that security weaknesses are not re-introduced during major changes. A purple team approach allows improving system defense and response capabilities.
Description
Supervisor
Di Francesco, Mario
Thesis advisor
Ekstedt, Mathias
Makkonen, Tuomo
Keywords
automation, cloud native, security, threat
Other note
Citation