

This is an article from DZone’s 2021 Kubernetes and the Enterprise Trend Report.


As more organizations have begun to embrace cloud-native technologies, Kubernetes has become the industry standard for container orchestration. This shift toward Kubernetes has largely automated and simplified the deployment, scaling, and management of containerized applications, providing numerous benefits over legacy management protocols for traditional monolithic systems. However, securely managing Kubernetes at scale comes with a unique set of challenges, including hardening the cluster, securing the supply chain, and detecting threats at runtime.

Source of the article: DZONE

Aqua Security has been actively participating in the open source community around Kubernetes security, including contributing significantly to the kube-bench project. We have followed that up with the release of the kube-hunter project, named for its ability to hunt for security weaknesses in Kubernetes clusters. Kube-hunter enables Kubernetes administrators, operators and security teams to identify weaknesses in their deployments and address those issues before attackers can exploit them.  

Kube-hunter augments the CIS validation for K8s deployments provided by kube-bench with discovery and penetration testing capabilities. In that respect it works much like an automated penetration testing tool — you give it the IP or DNS name of your Kubernetes cluster, and it will probe for security issues and alert you, for example, if your dashboard is open or your kubelets are accessible. Use kube-hunter to find Kubernetes installations in your environments, assess them for potential security risks, and receive suggestions on remediation for a wide range of vulnerabilities.

Source of the article: DZONE