mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 23:14:55 +03:00
mukul975
29 lines
1.2 KiB
Markdown
29 lines
1.2 KiB
Markdown
# Standards and References - Container Drift Detection
|
|
|
|
## Industry Standards
|
|
|
|
### NIST SP 800-190: Application Container Security Guide
|
|
- Section 3.3: Containers modified at runtime indicate compromise
|
|
- Section 4.2: Monitor containers for unauthorized changes
|
|
- Recommends treating containers as immutable infrastructure
|
|
|
|
### CIS Kubernetes Benchmark v1.9
|
|
- Control 5.2.8: Minimize container readOnlyRootFilesystem
|
|
- Control 5.7.3: Apply security contexts to pods
|
|
- Control 5.7.4: Default namespace restrictions
|
|
|
|
### MITRE ATT&CK for Containers
|
|
- T1610: Deploy Container -- unauthorized container deployment
|
|
- T1611: Escape to Host -- container boundary violation
|
|
- T1059.004: Unix Shell execution in containers
|
|
- T1105: Ingress Tool Transfer -- downloading tools into containers
|
|
|
|
## Compliance Mapping
|
|
|
|
| Requirement | Framework | Drift Detection Capability |
|
|
|-------------|-----------|--------------------------|
|
|
| Change detection | PCI DSS 11.5 | File integrity monitoring in containers |
|
|
| Unauthorized software | SOC 2 CC6.8 | Binary execution drift alerts |
|
|
| Configuration management | ISO 27001 A.12.1 | Image digest verification |
|
|
| Incident detection | NIST CSF DE.CM-7 | Runtime behavioral anomaly detection |
|