Merge pull request #307 from DataDog/zenithar/doc_add_graph_model_page

chore(doc): add graph model page.

docs/reference/attacks/CE_PRIV_MOUNT.md

@@ -59,14 +59,14 @@ mount /dev/vda1 /mnt/hostfs
 ls -lah /mnt/hostfs/
 ```
 
-With the disk now writeable from the container, follow the steps in [EXPLOIT_HOST_WRITE](./EXPLOIT_HOST_WRITE.md#Exploitation).
+With the disk now writeable from the container, follow the steps in [EXPLOIT_HOST_WRITE](./EXPLOIT_HOST_WRITE.md#exploitation).
 
 ## Defences
 
 ### Monitoring
 
 + Monitor `mount` events originating from containers
-+ See [EXPLOIT_HOST_WRITE](./EXPLOIT_HOST_WRITE.md#Defences)
++ See [EXPLOIT_HOST_WRITE](./EXPLOIT_HOST_WRITE.md#defences)
 
 ### Implement security policies
 

docs/reference/entities/index.md

@@ -7,6 +7,8 @@ hide:
 
 Tne entities represents all the vertices in KubeHound graph model. Those are an abstract representation of a Kubernetes component that form the vertices of the graph.
 
+## Entities
+
 !!! note
 
     For instance: [PERMISSION_SET](./permissionset.md) is an abstract of Role and RoleBinding.

docs/reference/graph/index.md

@@ -0,0 +1,21 @@
+---
+hide:
+  - toc
+---
+
+# Reference
+
+## Graph model
+
+In the diagram below, you can see how the KubeHound graph model organizes entities 
+as nodes and attack paths as the edges that connect them. This structure not only 
+makes it easier to visualize the attack surface but also powers Gremlin queries 
+to actively explore and analyze security weaknesses across your Kubernetes 
+infrastructure.
+
+![Graph Model](../../images/graph-model.drawio.png)
+
+## Graph Database
+
+- [JanusGraph schema](https://github.com/DataDog/KubeHound/blob/main/deployments/kubehound/graph/kubehound-db-init.groovy)
+- [Programmatically parsable schema](graph.yaml)

docs/references.md

@@ -16,7 +16,7 @@ Updated version of the Pass The Salt Workshop. Prerequisites are listed on [kube
 
 ### [KubeHound: Identifying attack paths in Kubernetes clusters at scale with no hustle](https://pretalx.com/hack-lu-2024/talk/HWDZGZ/)
 
-[Recording :fontawesome-brands-youtube:{ .youtube } ](https://www.youtube.com/watch?v=h-dD7PQC4NA){ .md-button .md-button--youtube } [Slides :fontawesome-solid-file-pdf:{ .pdf } ](files/hacklu24/Kubehound-HackLu24-slides.pdf){ .md-button }
+[Recording :fontawesome-brands-youtube:{ .youtube } ](https://www.youtube.com/watch?v=h-dD7PQC4NA){ .md-button .md-button--youtube } [Slides :fontawesome-solid-file-pdf:{ .pdf } ](files/hacklu24/Kubehound-HackLu2024-slides.pdf){ .md-button }
 
 This presentation explains the genesis behind the tool and a brief introduction to what Kubernetes security is. We showcase the three main usage for KubeHound:
 

docs/terminology.md

@@ -24,4 +24,4 @@ All edges in the KubeHound graph represent a net "improvement" in an attacker's
 
 **Critical Asset**
 
-An entity in KubeHound whose compromise would result in cluster admin (or equivalent) level access.
+An entity in KubeHound whose compromise would result in cluster admin (or equivalent) level access.

docs/user-guide/getting-started.md

@@ -122,6 +122,10 @@ We also provide a showcase [Jupyter Notebook](https://github.com/DataDog/KubeHou
 
 ## Visualize and query the KubeHound data
 
+!!! note
+
+    You can find the visual representation of the KubeHound graph model [here](../reference/graph/index.md).
+
 Once the data is loaded in the graph database, it's time to visualize and query it!
 
 You can explore it interactively in your graph client. Then, refer to KubeHound's [query library](../queries/index.md) to start asking questions to your data.

mkdocs.yml

@@ -97,6 +97,7 @@ nav:
       - Wiki: dev-guide/wiki.md
       - Datadog setup: dev-guide/datadog.md
   - Attack Techniques Reference:
+      - Graph: reference/graph/index.md
       - ... |reference/*/*.md
       #- Attacks: reference/attacks/index.md
       #- Entities: reference/entities/index.md