STRIDE threat modeling on Kubernetes pt.4/6: Information disclosure
This is the fourth part of a series about STRIDE threat modeling in Kubernetes. In the previous part we talked about repudiation, instead today we’ll going to address information disclosure. Information disclosure happens with data leaks or data breaches, whenever a system that is designed to be closed to an eavesdropper unintentionally reveals some information to unauthorized parties. To prevent this we should protect data in transit and at rest by guaranteeing confidentiality, which can be guaranteed with encryption....