Consultancy

Expert consultancy for strategic solutions and sustainable growth

Threat Modelling

Isolate critical security threats

How we can help secure your AI/ML-enabled systems

Pentesting and Red Team

Kubernetes & Cloud system security testing and training

CRA & OSS Compliance

EU Cyber Resilience Act advisory and secure supply chain

Platform Engineering

Security, policy, and infrastructure as code

Software Supply Chain Security

Secure software delivery from dependencies to distribution

Cloud Native Security Assurance

Enterprise security assessment for infrastructure and applications

DevOps and Deployment

Security, policy, and infrastructure as code

Red and Purple Teams

Breach simulation, incident response, testing and training

Advisory Services

Advisory and regulatory compliance

Enterprise for Flux CD

Training

Our training courses catalog

How we deliver optimal outcomes for your business

Resources

Our success stories

Security reviews and publications

Open source tools and utilities

Hacking Kubernetes

How to Hack Kubernetes

Talks and presentations

Conferences and Engagements

About

About ControlPlane

Learn more about our company

Our core values and ethos

Join our team

Get in touch with us

‹ Publications

CNCF Envoy Gateway Threat Model

Published with CNCF (Cloud Native Computing Foundation)

February 20, 2022

Threat model

security networking threat-modeling infrastructure

ControlPlane developed a comprehensive threat model for Envoy Gateway, a critical ingress controller project under the Cloud Native Computing Foundation (CNCF). This threat model provides security guidance for organizations deploying Envoy Gateway in production environments.

Access Publication

Related Publications

O'Reilly Media

Hacking Kubernetes

The definitive guide to Kubernetes offensive and defensive security.

security kubernetes threat-modeling

FS-ISAC (Financial Services Information Sharing and Analysis Center)

Financial Services User Group Kubernetes Threat Model

Financial services-specific threat model for Kubernetes.

security kubernetes threat-modeling

Google Cloud Platform

CIS Benchmarks for Google Kubernetes Engine

Center for Internet Security hardening guide for GKE.

security kubernetes compliance