simulator v2.0 releases: Kubernetes Security Training Platform

by do son · Published November 23, 2019 · Updated January 10, 2024

Simulator

A distributed systems and infrastructure simulator for attacking and debugging Kubernetes: simulator creates a Kubernetes cluster for you in your AWS account; runs scenarios that misconfigure it and/or leave it vulnerable to compromise and trains you in mitigating against these vulnerabilities.

Why did I start this?

I started this project as I needed a way to provide hands-on Container and Kubernetes security training to engineers and could not find an appropriate solution in the marketplace (although KataCoda came close). I have had a lot of success in the past with building bespoke training environments as I have found that the engagement and retention obtained from these systems far exceeds that of slideware or reading books. By simulating a scenario, engineers are allowed to understand the strengths and weaknesses of a system and mitigate the latter in a real-world simulation, using real-world tools.

The ultimate vision of this project is to have a multi-player environment where we can pit the blue team, red team and forensics team members against each other. The red team member would be presented with a security problem for investigation and to demonstrate that they can exploit it. Upon completion, the exercise would move to the forensics team member who would examine logs files and the system to gain an understanding of the issue and timeline of the incident. This would be followed by the blue team member who would be tasked with mitigating the issue. By creating scenarios incorporating the multiple security teams we create an environment where teams can increase collaboration.