- These are the best endpoint protection tools
- Check our list of the best firewall apps and services
- Here’s our collection of the best laptops for programming
Batten down the hatchesThe NSA argues that the three common sources of compromise in Kubernetes are supply chain risks, malicious threat actors, and insider threats. Irrespective of the attack vector though, the NSA suggests various mechanisms to set up and secure a Kubernetes cluster. In a snap, they suggest scanning the containers and pods for vulnerabilities or misconfigurations, while recommending administrators run containers and pods with the least possible privileges.
Additionally, the document also suggests implementing strict network policies to separate resources in order to prevent the lateral movement of threat actors in the event a cluster is compromised.
NSA cites data theft as the primary motivation of compromising Kubernetes clusters, although it acknowledges that threat actors might also seek to harness its underlying computational power for malicious purposes such as cryptomining.
- Protect your devices with these best antivirus software