NSA, CISA issue Kubernetes security guidance
To help systems administrators better secure Kubernetes, the open-source container orchestration tool, the National Security Agency and the Cybersecurity and Infrastructure Security Agency have released a new report, “Kubernetes Hardening Guidance,” that details threats to Kubernetes environments and provides configuration guidance to minimize risk.
Kubernetes clusters, which are often hosted in a cloud environment, provide increased flexibility compared to traditional software platforms, but are commonly targeted by attackers looking to steal data or computer power for cryptocurrency mining or conduct denial of service attacks, according to NSA officials. Like most systems, they are vulnerable to supply chain hacks, attacks from malicious threat actors and insider threats.
The report recommends hardening Kubernetes systems by scanning containers and pods for vulnerabilities or misconfigurations, running containers and pods with the least privileges possible and using network separation, firewalls, strong authentication, and log auditing.
While the guidance targets administrators of National Security Systems and critical infrastructure organizations, administrators of federal and state, local, tribal, and territorial government networks are also encouraged to implement the recommendations provided.
Connect with the GCN staff on Twitter @GCNtech.