Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory

View Original

Kubernetes and Container Security

Our clients frequently ask us for advice on securing Kubernetes, the popular container orchestration engine.

Often, however, organizations are using Kubernetes as part of their first major push into containerized applications, along with all the benefits (and complexity) that architecture can bring. While there are many excellent resources for parts of Kubernetes security, we thought it would be helpful to put together a white paper outlining how to think about Kubernetes security in the larger context of creating and protecting a containerized application development pipeline.

Accordingly, our white paper covers the following topics:

  • Kubernetes Security Configuration

  • Automated Testing

  • Private Registries

  • Hardened Base Container Images

  • Continuous Integration and Deployment

  • Centralized Production Monitoring

  • Container-Specific Incident Response

  • Automated Vulnerability Management in Regulated Environments

We hope that you find this useful.

Download our White Paper here