Consultancy

Expert consultancy for strategic solutions and sustainable growth

Threat Modelling

Isolate critical security threats

How we can help secure your AI/ML-enabled systems

Pentesting and Red Team

Kubernetes & Cloud system security testing and training

CRA & OSS Compliance

EU Cyber Resilience Act advisory and secure supply chain

Platform Engineering

Security, policy, and infrastructure as code

Software Supply Chain Security

Secure software delivery from dependencies to distribution

Cloud Native Security Assurance

Enterprise security assessment for infrastructure and applications

DevOps and Deployment

Security, policy, and infrastructure as code

Red and Purple Teams

Breach simulation, incident response, testing and training

Advisory Services

Advisory and regulatory compliance

Enterprise for Flux CD

Training

Our training courses catalog

How we deliver optimal outcomes for your business

Resources

Our success stories

Security reviews and publications

Open source tools and utilities

Hacking Kubernetes

How to Hack Kubernetes

Talks and presentations

Conferences and Engagements

About

About ControlPlane

Learn more about our company

Our core values and ethos

Join our team

Get in touch with us

‹ Publications

CNCF FluxCD Threat Model

Published with TAG Security (Technical Advisory Group on Security, CNCF)

April 5, 2023

Threat model

security gitops threat-modeling supply-chain assurance

ControlPlane, as core maintainers of Flux CD, collaborated with the CNCF Technical Advisory Group (TAG) Security to develop a comprehensive threat model for Flux CD as part of its graduation process. This assessment represents one of the most thorough security evaluations conducted for a CNCF project.

Flux CD’s graduation to a CNCF graduated project required a comprehensive security assessment, demonstrating the project’s maturity, security posture, and readiness for enterprise production deployments. This threat model serves as both a security evaluation and a blueprint for secure Flux CD deployments.

Access Publication

Related Publications

CNCF (Cloud Native Computing Foundation)

CNCF ArgoCD End User Hardening Guide

A guide to hardening ArgoCD for end users.

security gitops threat-modeling

WeaveWorks

Hardening Git for GitOps

How to secure Git workflows for GitOps.

security gitops supply-chain

CNCF (Cloud Native Computing Foundation)

CNCF Envoy Gateway Threat Model

A comprehensive threat model for the Envoy Gateway.

security networking threat-modeling