Kubernetes is a commonly used container orchestration tool providing scalability and resilience to enterprises utilizing containerized applications. Whether it may be internal policies or for compliance reasons, it is always beneficial to perform security assessments to proactively find vulnerabilities or misconfigurations. This may lower probability of a compromise occurring, and minimize the impact if it happens.
What is assessed in a Kubernetes security review?
When doing a Kubernetes security review the initial perspective can vary, it may be from the perspective of a compromised pod, a specific namespace or an employee with developer access. From here publicly known attack paths will be evaluated in an attempt to reach sensitive information or cluster-wide compromise.
In addition, CIS benchmarks will be used as a foundation for the assessment making sure that industry standard best-practices is evaluated in the environment. The Center for Internet Security (CIS) is a nonprofit organization that enhances cybersecurity readiness and response across public and private sectors. CIS provides extensive checklists in terms of best practices for security configurations.
Deliverables after conducting a security review
By the end of the assessment a de-briefing meeting with key stakeholders will be held to present the findings from the assessment, discuss recommendations and address questions or concerns. After the de-brief meeting the report will be delivered which includes an assessment description, a results & recommendations section and an executive summary. The executive summary is commonly used as a customer facing report showing proactive work in the IT security realm.
Contact
If you wish to view a sample report or discuss/schedule an assessment, please use our contact form or reach out to us via email at info@shelltrail.com.