Security News > 2021 > April > Managing and maturing Kubernetes security in the enterprise

The TL;DR version of the Infoworld article went something like this: "Companies are shying away from managing their own Kubernetes clusters and more and more, turning to managed Kubernetes solutions" - and I was not surprised.

Even though Kubernetes adoption seems to be at an all-time high, security awareness for teams working on Kubernetes projects at their workplaces and running mission-critical workloads on Kubernetes is surprisingly low.

The important thing for any team or organization undertaking Kubernetes implementations is to get a baseline amount of security awareness of Kubernetes and its broader ecosystem.

Just like you train users to not respond to phishing emails with security awareness training, you need to have your DevOps staff, architects and engineering teams understanding Kubernetes security implementations: how it can be compromised and how it can be fixed.

My team and I always find eye-opening reactions when we train technology teams on Kubernetes security and they're always shell-shocked to find privilege-escalation possibilities and attack patterns during the lab sessions, which are powerful against Kubernetes and workloads hosted on Kubernetes.

The Admission Controller object in Kubernetes is probably the most important security paradigm that one can leverage to add additional security controls like resource constraints, namespace lifecycle controls.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/qo21C3qQMWw/