1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • NSA, CISA: Here's how we can properly secure Kubernetes

    From TechnologyDaily@1337:1/100 to All on Wed Aug 4 17:15:04 2021
    NSA, CISA: Here's how we can properly secure Kubernetes

    Date:
    Wed, 04 Aug 2021 15:54:55 +0000

    Description:
    US spooks want to help secure your Kubernetes clusters from malicious threat actors.

    FULL STORY ======================================================================

    The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published a comprehensive technical report to
    help administrators harden their Kubernetes instances.

    The report comes in the backdrop of an increase in the number of attacks
    that exploit the complexities in securing Kubernetes deployments. NSA argues that Kubernetes is commonly targeted either for data theft, computational power theft, or denial of service.

    "This guidance describes the security challenges associated with setting up and securing a Kubernetes cluster. It includes hardening strategies to avoid common misconfigurations and guide system administrators and developers of National Security Systems on how to deploy Kubernetes with example configurations for the recommended hardening measures and mitigations, reads the document summarizing its intentions. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << These are the best endpoint protection tools Check our list of the best firewall apps and services Heres our collection of the best laptops for programming

    Over fifty pages long, the report analyzes the container build workflows orchestrated by Kubernetes, and discusses the security policies that admins should implement to ward off any attackers. Batten down the hatches

    The NSA argues that the three common sources of compromise in Kubernetes are supply chain risks, malicious threat actors, and insider threats.

    Irrespective of the attack vector though, the NSA suggests various mechanisms to set up and secure a Kubernetes cluster.

    In a snap, they suggest scanning the containers and pods for vulnerabilities or misconfigurations, while recommending administrators run containers and pods with the least possible privileges.

    Additionally, the document also suggests implementing strict network policies to separate resources in order to prevent the lateral movement of threat actors in the event a cluster is compromised.

    NSA cites data theft as the primary motivation of compromising Kubernetes clusters, although it acknowledges that threat actors might also seek to harness its underlying computational power for malicious purposes such as cryptomining . Protect your devices with these best antivirus software



    ======================================================================
    Link to news story: https://www.techradar.com/news/nsa-cisa-heres-how-we-can-properly-secure-kuber netes/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)