Show HN: InferShield – A Lightweight Orchestration-Layer Attack Detector (POC) (github.com)
We built InferShield, an open-source Proof of Concept, to explore early detection of such threats. InferShield uses session tracking and event correlation to identify abnormal sequences of orchestration-layer activity.
Example Attack Detection: An attacker uses a compromised API token to inspect deployment configurations, escalate privileges via role misconfiguration, and push modified manifests to introduce malicious containers. InferShield alerts by recognizing the unusual API call sequence.
Limitations: - It's in-memory only, which limits scalability - Detection is limited to rule-based patterns and cannot adapt to unknown attack vectors - This is an experimental tool and should be treated as a starting point, not a solution
We're seeking feedback, contributors for further development, and insights from security researchers on how to strengthen this approach.
0 comments
[ 529 ms ] story [ 925 ms ] threadNo comments yet.