Security News > 2021 > August > New CISA and NSA Guidance Details Steps to Harden Kubernetes Systems
New guidance from the United States Cybersecurity and Infrastructure Security Agency and the National Security Agency provides information on the steps that administrators can take to minimize risks associated with Kubernetes deployments.
An open source container orchestration system for deploying and managing applications in containers, Kubernetes is often deployed in cloud environments.
Kubernetes systems are mainly compromised through the supply chain, by malicious threat actors, or insider threats, the new CISA and NSA advisory titled Kubernetes Hardening Guidance notes.
The advisory details the security challenges associated with deploying and securing Kubernetes clusters, while also sharing hardening strategies that administrators and developers can apply to avoid common misconfigurations and improve the security of their deployments.
Aimed at Department of Defense, Defense Industrial Base, and National Security Systems employees, the guidance is applicable in the private sector as well.
CISA and NSA recommend that administrators follow the provided guidance and keep their systems updated at all times, to further minimize risks.