NSA, CISA have released the Kubernetes Hardening Guidance

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA and Infrastructure Security Agency) today published a Cyber ​​Security Technical Report. It is called "Kubernetes Hardening Guidance”(Download the PDF).

The publication describes in detail the threats to Kubernetes environments and provides configuration instructions to minimize the risk.

210803 d im742 1235 jpg

Kubernetes is an open source system that automates the development, scaling, and management of applications running on containers. Kubernetes clusters are often hosted in a cloud environment and provide additional flexibility compared to traditional software platforms.

Kubernetes are typically targeted for three reasons: to steal data, steal computing power, or use them in denial of service. Η κλοπή δεδομένων είναι παραδοσιακά το κύριο κίνητρο των επιτιθέμενων. Ωστόσο, κακόβουλοι χρήστες μπορεί να επιχειρήσουν να χρησιμοποιήσουν το Kubernetes για να αξιοποιήσουν την υποκείμενη υποδομή ενός δικτύου για υπολογιστική ισχύ για την cryptocurrencies.

The report details how you can secure Kubernetes systems. The main actions include scanning containers and Pods for ή εσφαλμένες ρυθμίσεις, εκτέλεση container και Pods με ελάχιστα προνόμια και χρήση διαχωρισμού δικτύου, τείχη προστασίας, ισχυρό έλεγχο ταυτότητας και έλεγχο καταγραφής.

To ensure application security, system administrators should follow the instructions in the Technical Report and update their systems to minimize the risk. The NSA and CISA also recommend periodic revisions of Kubernetes settings and vulnerability scans to ensure that security fixes are applied.

The NSA and CISA guidelines focus on security challenges and advise system administrators to "harden" their environment where possible. The NSA has released this guide in support of the Department of Defense, the Industrial Defense Base, and the National Security Systems.

Of course, to "build up" her profile a bit, since everyone from him and then they know what work he performs as a service.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

cisaKubernetes Hardening GuidanceNSA

Kubernetes Hardening Guidance, NSA, CISA, iguru, iguru.gr

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).