New recommendations released by the National Security Agency and the Cybersecurity and Infrastructure Security Agency seek to help enterprises improve security in their Kubernetes systems, which have recently been a popular target of cybercriminals, according to BleepingComputer
The agencies' 52-page report titled "Kubernetes Hardening Guidance" identified supply-chain attacks, insider threats and malicious actors as the three primary threats to organizations' Kubernetes
environments, which, while difficult to address simultaneously, can be protected against through mitigation measures and vigilance about common misconfigurations.
In general, the agencies' recommendations are to scan for vulnerabilities and misconfigurations in containers and Pods, to run the containers and Pods with the lowest level of privileges unless otherwise necessary and implement security measures such as network separation, correctly configured firewalls, strong authentication measures and audit logs. The agencies also urged administrators to regularly check their Kubernetes settings to make sure benefits from the latest patches and updates are active.