您的浏览器禁用了javascript(一种计算机语言,用以实现您与网页的交互),请解除该禁用,或者联系尊龙凯时网址。[中国联通]:2023云原生安全威胁分析与能力建设白皮书 -尊龙凯时人生就博
当前位置:尊龙凯时网址首页/行业研究/报告详情/

[中国联通]:2023云原生安全威胁分析与能力建设白皮书 -尊龙凯时人生就博

信息技术2023-12-17中国联通梅***
" data-src="https://public.fxbaogao.com/report-image/2023/12/17/4066041-1.png?x-oss-process=image/crop,x_0,y_0,w_1980,h_2800/resize,p_60" data-sizes="200px" data-error="fx-img-error-default;;;height: 720px;" data-srcset="https://public.fxbaogao.com/report-image/2023/12/17/4066041-1.png?x-oss-process=image/crop,x_0,y_0,w_1980,h_2800/resize,p_60" class="lazy"/>

1云原生安全威胁分析与能力建设白皮书中国联通研究院中国联通网络安全研究院下一代互联网宽带业务应用国家工程研究中心2023年11月 尊龙凯时人生就博的版权声明本报告尊龙凯时人生就博的版权属于中国联合网络通信有限公司研究院,并受法律保护。转载、摘编或利用其他方式使用本报告文字或者观点的,应注明“来源:中国联通研究院”。违反上述声明者,本院将追究其相关法律责任。 云原生安全威胁分析与能力建设白皮书1目录一、云原生安全概述................................................................................................91.1云原生及云原生安全.....................................................................................91.1.1云原生...................................................................................................101.1.2云原生安全...........................................................................................121.2云原生安全发展...........................................................................................141.3云原生安全风险...........................................................................................17二、云原生关键技术威胁全景..............................................................................192.1云原生安全威胁分析...................................................................................192.2路径1:镜像攻击.......................................................................................212.2.1镜像投毒攻击........................................................................................212.2.2镜像仓库攻击........................................................................................222.2.3中间人攻击...........................................................................................222.2.4敏感信息泄露攻击................................................................................222.2.5针对镜像不安全配置的攻击................................................................222.3路径2:容器攻击.......................................................................................232.3.1守护进程攻击........................................................................................232.3.2容器提权和逃逸攻击............................................................................242.3.3拒绝服务攻击........................................................................................25 云原生安全威胁分析与能力建设白皮书22.3.4容器网络攻击........................................................................................262.4路径3:编排工具攻击................................................................................262.4.1k8s组件攻击.........................................................................................272.4.2服务对外暴露攻击................................................................................272.4.3业务pod攻击......................................................................................282.4.4集群环境下的横向攻击........................................................................292.4.5k8s管理平台攻击.................................................................................292.4.6第三方组件攻击....................................................................................292.5路径4:微服务攻击...................................................................................292.5.1api攻击.................................................................................................302.5.2api网关攻击.........................................................................................322.5.3微服务应用攻击....................................................................................322.6路径5:serverless攻击...........................................................................332.6.1事件注入攻击........................................................................................342.6.2敏感数据泄露攻击................................................................................342.6.3身份认证攻击........................................................................................352.6.4权限滥用攻击........................................................................................352.6.5拒绝服务攻击........................................................................................36 云原生安全威胁分析与能力建设白皮书32.6.6针对函数供应链的攻击........................................................................36三、典型攻击场景分析.........................................................................................373.1镜像投毒攻击...............................................................................................373.1.1攻击场景介绍........................................................................................373.1.2攻击过程复现........................................................................................383.2挂载dockersocket导致容器逃逸攻击..................................................383.2.1攻击场景介绍........................................................................................383.2.2攻击过程复现........................................................................................393.3k8s权限提升攻击........................................................................................403.3.1攻击场景介绍........................................................................................403.3.2攻击过程复现........................................................................................413.4istio认证策略绕过攻击...............................................................................433.4.1攻击场景介绍......................

关于尊龙凯时网址

发现报告是苏州互方得信息科技有限公司推出的专业研报平台。平台全面覆盖宏观策略、行业分析、公司研究、财报、招股书、定制报告等内容。通过前沿的技术和便捷的产品体验,为金融从业人员、投资者、市场运营等提供信息获取和整合的专业服务。

商务合作、企业采购、机构入驻、报告发布 > 添加微信:hufangde04

联系尊龙凯时网址

0512-88971002

hfd04@hufangde.com

中国(江苏)自由贸易试验区苏州片区苏州工业园区旺墩路269号星座商务广场1幢圆融中心33楼

微信公众号

发现报告

微信公众号

发现报告商业局

© 2018-2024 苏州互方得信息科技有限公司

||

网站地图