List of changes
1. Added new "Attack Track" definitions
We have 3 attack tracks:
- Container
- Kube API
- Node
Attack tracks will be published as an artifact in the release (similar to frameworks).
The export Python script was updated accordingly.
2. Existing controls were updated with attack track information
A control is associated with specific step(s) in an attack track (attackTracks attribute).
A control can be associated with different tags (controlTypeTags attribute).
Base score is also updated for some controls.
3. Removed duplications - consolidated export.py and export-dev.py
4. Controls were marked inactive
- Application exploit (RCE)
- Bash/cmd inside container
- Vulnerable application
- Access tiller endpoint