OWASP GKE Goat
The purpose of GKE Goat is to empower security professionals, cloud engineers, and DevOps teams with practical offensive and defensive skills for GKE environments, addressing the current lack of specialized hands-on training.
Road Map
- Current State:
  - Create open-source hands-on labs for GCP GKE misconfigurations and vulnerabilities.
  - Developed detailed documentation to accompany lab walk-throughs and theoretical concepts.
  - Implementation of initial attack & defense scenarios with IAM and Kubernetes RBAC.
  - Continue using mdbook for documentation.
- Short-Term Goals:
  - Deployment scripts to be in Terraform.
  - Expand the labs demonstrating GKE-specific vulnerabilities.
  - Expand the defensive scenarios, adding advanced topics such as network policies.
  - Add quizzes for interaction.
- Long-Term Objectives:
  - Practical insights for hardening GKE clusters and integrated GCP services, derived from attack simulations.
  - Add more security learnings for GKE to the documentation, such as PodSecurityContext.
  - Develop a community forum to facilitate participant interaction, knowledge sharing, and collaborative learning.
  - Integrate existing GKE security issues.