This article has been indexed from DZone Security Zone
The NSA and CISA recently released a guide on Kubernetes hardening. Now that we have explored the Threat Model and had a refresher on K8s components (see the first part), let’s dive into the recommendations of the Hardening Guidance.
1 Pod Security
Pods are the smallest deployable Kubernetes unit and consist of one or more containers. Pods are often a cyber actor’s initial execution environment upon exploiting a container. For this reason, Pods should be hardened to make exploitation more difficult and to limit the impact of a successful compromise.
Read the original article: Hardening Your Kubernetes Cluster: Guidelines (Part 2)