The NSA and CISA just released a Kubernetes Hardening guide. I have attached it here.
cheers
Kubernetes Hardening Guide
+22+22I seem to have posted this as a question and not content but don't see where I can change that :).
VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
1 person likes this
+21Saved for future reading when I can get in to Kubernetes. 
+23I also strongly recommend looking into Ian Coldwater for insights around Kubernetes security hardening, they’re extremely well known and respected within the community (Ian is the Kubernetes SIG Co-Chair) and the infosec community was widely surprised that Ian wasn’t consulted in the production of that document you referenced
Michael Paul - Opinions are my own and do not necessarily reflect the opinion of Veeam | https://micoolpaul.com | Mastodon: @micoolpaul@masto.nu | Bluesky: @micoolpaul.com
+22MicoolPaul wrote:
I also strongly recommend looking into Ian Coldwater for insights around Kubernetes security hardening, they’re extremely well known and respected within the community (Ian is the Kubernetes SIG Co-Chair) and the infosec community was widely surprised that Ian wasn’t consulted in the production of that document you referenced
Interesting. let me check if he worked on the CKS or not, if not this could be some personality conflict thing :)
VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
1 person likes this
Inder | www.thenetworkdna.com | Twitter @inder8588
1 person likes this
Comment
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.