Kubernetes namespaces - they’re an essential feature for building modern cloud architectures. Namespaces let you split up a single cluster into multiple “virtual clusters”. Resources like pods, replicasets, and deployments all live in namespaces. You can think of a namespace as being a resource’s last name - it specifies which family the resource is part of - and normal resources can have one and only one namespace (There are exceptions like the Node resource which is cluster-wide and doesn’t belong to any namespace). If you don’t think you’re using namespaces on your cluster then you’re wrong. You’re actually just putting everything into the default namespace.
Vulnerability Description and Impact
Automate Kubernetes Analytics and Forensics with Alcide kAudit
Alcide Logs and Coralogix
Last month, the Microsoft Azure Security Center published a fully detailed Threat Matrix for Kubernetes. This article identifies attack vectors unique to a Kubernetes environment. This important contribution is derived from the more generalized MITRE ATT&CK® framework that offers a complex matrix of common attack vectors.
Last week we released sKan: a new CI scanner for DevOps and developers that scans K8s deployment files for security drifts.
When it comes to personal data, an individual's health records are right up there as being amongst the most sensitive of data. Protecting it from being accidentally or purposely leaked or misused, is of the highest importance; both from an individual's perspective, but also from a governmental perspective.