How to increase the security posture of a Kubernetes cluster is always top of mind for cluster administrators.

While we recommend starting with the documented Kubernetes security best practices, a new resource to add to your must-read list is the Kubernetes Hardening Guidance Report.

Produced by the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), it details the most critical threats to the security of Kubernetes environments, providing guidance for cluster configuration in order to minimize risk.

More specifically, the report focusses on hardening techniques in three main areas:

• Container and Pod scanning for vulnerabilities, weaknesses, and misconfiguration
• Running containers and Pods with the most restrictive set of privileges possible
• Network security recommendations for firewall configuration, network separation, authentication, and log auditing

You can download the report from https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF

---