How to increase the security posture of a Kubernetes cluster is always top of mind for cluster administrators.
Produced by the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), it details the most critical threats to the security of Kubernetes environments, providing guidance for cluster configuration in order to minimize risk.
More specifically, the report focusses on hardening techniques in three main areas:
- Container and Pod scanning for vulnerabilities, weaknesses, and misconfiguration
- Running containers and Pods with the most restrictive set of privileges possible
- Network security recommendations for firewall configuration, network separation, authentication, and log auditing
You can download the report from https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF