Security News

Kubernetes security is essentially a collection of techniques, strategies, and technologies created to protect the Kubernetes platform and the containers it handles. Kubernetes security addresses three main concerns: the K8s API, best practices for pod container security, and the 4 C's of cloud-native security, namely container, cluster, code, and the cloud itself.

Amazon's cloud platform is extending security capabilities for a couple of its widely used services; Amazon Elastic Block Store and Amazon Elastic Kubernetes Service. Amazon GuardDuty is described as a threat detection service that can continuously monitor AWS accounts and workloads for malicious activity, and can initiate automated responses.

AWS fixed three authentication bugs present in one line of code in its IAM Authenticator for Kubernetes, used by the cloud giant's popular managed Kubernetes service Amazon EKS, that could allow an attacker to escalate privileges within a Kubernetes cluster. Amazon updated all EKS clusters worldwide as of June 28, and the new version of the AWS IAM Authenticator for Kubernetes fixes the flaw.

Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. Researchers at Cyble have conducted an exercise to locate exposed Kubernetes instances across the itnernet, using similar scanning tools and search queries to those employed by malicious actors.

Kubernetes is a very important technology in the marketplace because vendors, ISVs, end users and enterprises are all able to come together and use this common infrastructure substrate to build their product on. In this video for Help Net Security, Alex Jones, Director of Kubernetes Engineering at Canonical, talks about properly adopting and managing Kubernetes in production.

Because these teams are working on different products, they should be given different access to the Kubernetes cluster. First, we create a Role object named `role-blue`, where we define the actions that can be performed on specific Kubernetes resources.

More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation discovered the access when it scanned the internet for Kubernetes API servers, of which there are more than 450,000, according to a blog post published this week.

Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. With Kubernetes in place, security teams are left with limited visibility into the impact each change has.

A survey by ionir shows that 60% of respondents are running stateful applications on Kubernetes, and of those who aren't already, 50% plan to do so in the next 12 months. The primary benefit of running stateful applications on Kubernetes, according to respondents, is that they are critical to business success and their journey toward digital transformation.

Kubernetes showing vulnerabilities against ransomware attacks. New research from Veritas Technologies detailing the inherent security risks associated with Kubernetes has been published, and some of the findings are concerning for those employing the containerized system.