Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

New CISA and NSA Guidance Details Steps to Harden Kubernetes Systems

New guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) provides information on the steps that administrators can take to minimize risks associated with Kubernetes deployments.

New guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) provides information on the steps that administrators can take to minimize risks associated with Kubernetes deployments.

An open source container orchestration system for deploying and managing applications in containers, Kubernetes is often deployed in cloud environments. Improperly configured Kybernetes systems, however, may expose the applications to various types of attacks, including data theft, cryptomining, and denial-of-service (DoS) attacks.

Kubernetes systems are mainly compromised through the supply chain, by malicious threat actors, or insider threats, the new CISA and NSA advisory titled Kubernetes Hardening Guidance notes.

The advisory details the security challenges associated with deploying and securing Kubernetes clusters, while also sharing hardening strategies that administrators and developers can apply to avoid common misconfigurations and improve the security of their deployments.

Aimed at Department of Defense, Defense Industrial Base, and National Security Systems employees, the guidance is applicable in the private sector as well.

Recommended mitigations, the two agencies say, include scanning containers and Pods for vulnerabilities, running them with the least privileges possible, using network separation, deploying firewalls and encryption, employing strong authentication and authorization to limit the attack surface, auditing logs to identify suspicious activity, and periodically reviewing settings to identify risks.

CISA and NSA recommend that administrators follow the provided guidance and keep their systems updated at all times, to further minimize risks. Periodically performing settings and vulnerability scans should also help identify and mitigate risks.

Related: Threat Actors Target Kubernetes Clusters via Argo Workflows

Advertisement. Scroll to continue reading.

Related: Kubeflow Deployments Targeted in New Crypto-mining Campaign

Related: New ‘Hildegard’ Malware Targets Kubernetes Systems

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.