creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 06:04:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/detecting-container-drift-at-runtime/references/standards.md
T

1.2 KiB
Raw Blame History

Standards and References - Container Drift Detection

Industry Standards

NIST SP 800-190: Application Container Security Guide

  • Section 3.3: Containers modified at runtime indicate compromise
  • Section 4.2: Monitor containers for unauthorized changes
  • Recommends treating containers as immutable infrastructure

CIS Kubernetes Benchmark v1.9

  • Control 5.2.8: Minimize container readOnlyRootFilesystem
  • Control 5.7.3: Apply security contexts to pods
  • Control 5.7.4: Default namespace restrictions

MITRE ATT&CK for Containers

  • T1610: Deploy Container -- unauthorized container deployment
  • T1611: Escape to Host -- container boundary violation
  • T1059.004: Unix Shell execution in containers
  • T1105: Ingress Tool Transfer -- downloading tools into containers

Compliance Mapping

Requirement Framework Drift Detection Capability
Change detection PCI DSS 11.5 File integrity monitoring in containers
Unauthorized software SOC 2 CC6.8 Binary execution drift alerts
Configuration management ISO 27001 A.12.1 Image digest verification
Incident detection NIST CSF DE.CM-7 Runtime behavioral anomaly detection
Reference in New Issue View Git Blame Copy Permalink