Run a Red-Team Exercise on a Cloud-Native Microservices Platform
Overview
What this challenge is about.
Receive a scoped engagement letter (in-scope: 6 microservices and their CI/CD pipelines; out-of-scope: customer-data exfiltration beyond proof-of-access), the architecture diagram, and a starting foothold (a compromised CI-runner workload identity).
Plan 4 attack chains aligned to MITRE ATT&CK:
- (1) CI runner -> service account abuse -> cluster API
- (2) sidecar SSRF -> instance metadata -> assumed role
- (3) mesh-policy bypass via raw-pod traffic
- (4) supply-chain (malicious dependency in a container image)
Execute each chain with reproducible steps, capture evidence (screenshots, command logs), and stop at proof-of-access.
Deliver a 20-page red-team report (executive + technical), a per-chain attack diagram, the artifact bundle, and a 6-page recommendation memo for the security director.
The Brief
What you'll do, and what you'll demonstrate.
Execute 4 cloud-native attack chains from a documented initial foothold and produce a red-team report that the blue team can act on.
Earning criteria — what you'll demonstrate
- Plan a scoped red-team engagement that respects rules of engagement
- Execute cloud-native attack chains end-to-end with reproducible evidence
- Map every step to MITRE ATT&CK for blue-team consumption
- Write a red-team report that drives detection improvements, not blame
Program Fit
Where this fits in your program.
Sharpens the same skills your degree expects you to demonstrate.
Skills
Skills you'll demonstrate.
Each one shows up on your verified credential.
Careers
Roles this prepares you for.
Real titles. Real skill bridges. Pick the one closest to your trajectory.