1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Kubernetes security report finds people have no idea how to use K

    From TechnologyDaily@1337:1/100 to All on Wed May 18 12:15:04 2022
    Kubernetes security report finds people have no idea how to use Kubernetes

    Date:
    Wed, 18 May 2022 11:02:16 +0000

    Description:
    Security concerns over Kubernetes have delayed project launches, often
    because people aren't sure how to work with it.

    FULL STORY ======================================================================

    Kubernetes seems to be a security nightmare because its super complex to use, and people tasked with using it are struggling to cope, a report from Red Hat has found.

    The company polled 300 DevOps, engineering, and security professionals for
    the paper, and found that 55% postponed launching an app because of security concerns.

    Almost all (93%) have had at least one security incident in their Kubernetes environment in the last 12 months, with a third (31%) suffering either
    revenue loss, or customer loss.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Misconfigurations

    "Kubernetes and containers, while powerful, were designed for developer productivity , not necessarily security," the report says. "Default
    pod-to-pod network settings, as an example, allow open communication to quickly get a cluster up and running, at the expense of security hardening."

    Complex environments lead to misconfigurations, and misconfigurations lead to endpoint security incidents.

    "Despite extensive media attention over cyberattacks, the report highlights that it's actually misconfigurations that keep IT professionals up at night," Ajmal Kohgadai, Red Hat product marketing manager, said.

    "Kubernetes is highly customizable, with various configuration options that can affect an applications security posture. Consequently, respondents worry the most about exposures due to misconfigurations in their container and Kubernetes environments (46%) nearly three times the level of concern over attacks (16%)." Read more

    Microsoft is working on a whole new kind of Kubernetes


    Hackers have found yet another way to attack Kubernetes clusters


    NSA, CISA: Here's how we can properly secure Kubernetes

    It barely hurts Kubernetes image or popularity, though. The open-source container orchestration software is being used, or considered, by 96% of organizations, last years Cloud Native Computing Foundation report states.

    Red Hat is looking to tackle the issue of human error by minimizing human interaction through automation, and has, to that end, acquired StackRox last year. "The StackRox project aims to help simplify DevSecOps by integrating security capabilities within the development and deployment lifecycle, effectively shifting application security "to the left" in software
    creation," the company said at the time. Prevent security incidents with the best firewalls around

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/kubernetes-security-report-finds-people-have-no -idea-how-to-use-kubernetes/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)