metadata:
  id: EXAMPLE-RISK-CATALOG
  type: RiskCatalog
  gemara-version: "1.1.0"
  version: "1.0.0"
  description: Example Risk Catalog for cloud-native container environments
  author:
    id: risk-management-team
    name: Risk Management Team
    type: Human
  mapping-references:
    - id: EXAMPLE-THREAT-CATALOG
      title: Example Threat Catalog
      version: "1.0.0"
      description: Container security threat catalog

title: Cloud-Native Container Risk Catalog

groups:
  - id: CAT-OPERATIONAL
    title: Operational Risk
    description: Risks arising from failures in internal processes, systems, or external events that affect service availability and reliability
    appetite: Moderate
  - id: CAT-SECURITY
    title: Security Risk
    description: Risks arising from unauthorized access, data breaches, or exploitation of system vulnerabilities
    appetite: Low
    max-severity: High
  - id: CAT-COMPLIANCE
    title: Compliance Risk
    description: Risks arising from failure to comply with applicable laws, regulations, or industry standards
    appetite: Minimal

risks:
  - id: RISK-001
    title: Container Image Supply Chain Compromise
    description: Third-party or base container images may contain known vulnerabilities or malicious code, leading to exploitation at runtime.
    group: CAT-SECURITY
    severity: High
    rank: 2
    owner:
      responsible:
        - name: Platform Engineering Lead
          affiliation: Platform Team
          email: platform-lead@example.org
      accountable:
        - name: Chief Information Security Officer
          affiliation: Security
          email: ciso@example.org
    impact: Unauthorized code execution in production workloads, potential data exfiltration, and lateral movement across the cluster.
    threats:
      - reference-id: EXAMPLE-THREAT-CATALOG
        entries:
          - reference-id: THREAT-001

  - id: RISK-002
    title: Container Escape Leading to Host Compromise
    description: Misconfigured or unpatched container runtimes may allow an attacker to escape container isolation and access the host.
    group: CAT-SECURITY
    severity: Critical
    owner:
      responsible:
        - name: Platform Engineering Lead
          affiliation: Platform Team
          email: platform-lead@example.org
      accountable:
        - name: Chief Information Security Officer
          affiliation: Security
          email: ciso@example.org
      consulted:
        - name: Infrastructure Architect
          affiliation: Architecture
    impact: Full compromise of the underlying node, access to secrets, and disruption of co-located workloads.
    threats:
      - reference-id: EXAMPLE-THREAT-CATALOG
        entries:
          - reference-id: THREAT-002

  - id: RISK-003
    title: Regulatory Non-Compliance from Unaudited Deployments
    description: Deploying workloads without automated compliance gates may result in violations of regulatory requirements.
    group: CAT-COMPLIANCE
    severity: Medium
    impact: Regulatory fines, audit findings, and reputational damage.

  - id: RISK-004
    title: Cluster Admin Credential Exposure
    description: Long-lived admin credentials for the cluster control plane may be exposed through logs, tickets, or shared stores.
    group: CAT-SECURITY
    severity: High
    rank: 1
    impact: Full cluster compromise; all workloads and secrets on the platform are at risk.