I have and will always love the challenge of defining cyber security architecture as a practice, process, lifestyle or what about system security architecture.. you know where I am going. So, there is no “cover it all” definition in my mind, as at least an enterprise security architecture is enterprise dependant and must be – it shall be business driven and therefore not globally defined. However, there are a lot of resources that help to define this.
Communicating cyber security will forever be challenging, so whatever tools I find making this easier I like to share. The “good old” Pyramid of Pain (SANS) may be useful to illustrate the complexity of detecting different types of malicious activities, as it is based on typical indicators you might use to detect. I know it does not cover all, but it speaks well. Read the paper yourself and make up your mind.
«The cloud-native ecosystem typically has the four C’s of cloud security: cloud, clusters, containers and code. Each layer builds on the next and insecurities at any layer can impact the layers that follow, such as applications deployed on insecure containers.» Csoonline sais.
Scan them with, e.g., Open-source options such as Anchore and Trivvy during or before deployment.