- 04 Aug 2021
CISA/NSA - Kubernetes Hardening Guidance
- Updated on 04 Aug 2021
U/OO/168286-21 | PP-21-1104 | August 2021 Ver. 1.0
National Security Agency and Cybersecurity and Infrastructure Security Agency
Executive summary
Kubernetes® is an open-source system that automates the deployment, scaling, and management of applications run in containers, and is often hosted in a cloud environment. Using this type of virtualized infrastructure can provide several flexibility and security benefits compared to traditional, monolithic software platforms. However, securely managing everything from microservices to the underlying infrastructure introduces other complexities. The hardening guidance detailed in this report is designed to help organizations handle associated risks and enjoy the benefits of using this technology.
Three common sources of compromise in Kubernetes are supply chain risks, malicious threat actors, and insider threats.