Updates from the Kubernetes Storm Center: Open Source Threat Intelligence for Cloud Native

The cloud native ecosystem currently has no consistent open source threat intelligence. The community initiative "The Kubernetes Storm Center" aims to change that.
In this talk, we show how a non-expert would use a "Honey-Cluster" to practically validate threat modelling predictions and to quantify the relative risk of different attack vectors. As an optional step, we also show how to contribute the collected threat intelligence to (open) upstream databases such as MISP by mapping the observed threats onto MITRE ATT&CK.

After a general introduction, we detail how to utilize and adopt our method, which, starting from a given threat model:
a) generates a Kubernetes-based environment with embedded eBPF trip-wires, enabling the detection of real attacker paths without interfering with them,
b) exposes these simulated environments to the wild to observe quantitative threat intelligence in action, and
c) informs cost-effective decisions for a defensive team.
We discuss recent community development and remaining caveats, emphasise the critical role of automation in scaling across diverse threat models, live showcase one quantified attack tree, and discuss the data we have collected from experiments so far.

To benefit the Kubernetes ecosystem, this accessible framework can be crowd-sourced into an open source network that captures threat intelligence and quantifies risk exposure.

Constanze Roedig

Independent OpenSource Maintainer and Cybersecurity Researcher
