Date: 2024-03-05

Kubernetes Security Operations Center announced the rollout of a zero-trust policy generator designed to simplify the task of managing role-based access controls for Kubernetes clusters, Cloud Native Now reports.

According to KSOC Chief Technology Officer Jimmy Mesta, it has been difficult to manage role-based access controls in Kubernetes environments as no means currently exists to prevent over-permissioning. Threat actors frequently exploit this flaw to escalate privileges and proceed to spend up to several weeks studying processes and workflows in preparation for a more severe attack.

With the zero-trust policy generator, administrators can automatically create least-privilege recommendations and generate insights into malicious identities that are detected by the KSOC identity threat detection and response platform. In addition, KSOC announced that Kubernetes Custom Resources are now supported in its Kubernetes security posture management platform and that a GitHub application to simplify the integration of its platform within the context of a DevOps workflow is now generally available. KSOC can also now track the usage of Chainguard-provided curated container images to support efforts to inculcate DevSecOps best practices in IT teams.