
NSA, CISA Release Kubernetes Hardening Guidance

The technical guidance is the result of a collaborative effort by both government agencies to drastically mitigate risks and threat activity.

TL;DR

The National Security Agency (NSA), together with the Certified Information Systems Auditor (CISA), on August 3, 2021, published a technical report centred on Kubernetes. The report provides critical education on Kubernetes threats and configuration countermeasures.

Key Facts

  1. There are three basic occasions that place Kubernetes on the threat radar.

  2. Mitigation of misconfigurations, a valuable topic, is detailed in the report.

  3. The report also places emphasis on public supply chain risks.

Details

Kubernetes, according to Kubernetes.io, is a portable, extensible, automated, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation.

Docker took the cloud world by storm in 2013, and since then it has been containers first. Developers embraced containers to create and deploy applications. In the following year, Google picked up the pace and delivered K8s on the same foundation that Docker placed. Containerized applications have been making headlines ever since.

The big guns in information technology, though they have self-engineered Kubernetes counterparts, have embraced Kubernetes. Their flagship offerings were built on K8s: OpenShift representing IBM's Red Hat, Tanzu and Canonical representing VMware, Digital Ocean, etc.

Given its wide ecosystem and high adoption numbers relative to its counterparts, it would be quite a surprise if there were no heightened threat activity around it. There are no surprises here: the level of cyber threat is outlandish. Hackers are always looking to exploit misconfigurations, defaulting control planes, etc., delivering all forms of cyberattacks using Kubernetes clusters. It could be ransomware now, and cryptojacking a second later. Kubernetes is a big money department for threat actors and threat theaters, be it private or government. Data theft, denial of service, and computational power theft are the three common reasons why Kubernetes is targeted. Data theft is the most detrimental of the three; computational power theft weighs considerably less and could mean using Kubernetes for purposes like crypto mining.

The contents of the Kubernetes Hardening Guidance are adequately suggested by the title. It provides comprehensive guidelines for hardening Kubernetes systems, drawing on information from past events to address the ways Kubernetes is most often penetrated. Standard cyber hygiene, such as deploying patches, updates, and upgrades to minimize risk, is also important. Vulnerability scans are also recommended to ensure that fixes have been deployed. The 52-page report covers Kubernetes clusters, the control plane, worker nodes (for running cluster-wide containerized programs), and pods (for containers hosted on these nodes). Among the most important steps are scanning containers and Pods for vulnerabilities and misconfigurations, operating containers and Pods with the fewest rights feasible, and utilizing network separation, firewalls, strong authentication, and log audits.

The security agencies also recommend using firewalls to control network connectivity and employing strong authentication and authorization to drastically reduce administrator access. They further recommend log auditing, which allows managers to monitor activity and receive alerts for potentially malicious conduct, as well as evaluating Kubernetes settings and running vulnerability scans on a regular basis to ensure that risks are addressed and security fixes are applied.

