A year ago, when we planned our strategy and had our predictions for 2020, we most definitely could not predict how erratic 2020 would turn out to be. We too had to adjust and provide support for our employees’ and clients’ new needs. However, 2020 turned out to be a tipping point year for the Kubernetes community with a massive K8s adoption across the globe. Many companies made a huge shift to the cloud and in order to do it the most cost effective and efficient way they turned to Kubernetes. As a result we faced a growing need for Kubernetes Security and therefore 2020 has become the best year yet for Alcide.
Working with Kubernetes namespaces enables you to manage users spread across multiple teams and projects. Namespaces are essentially virtual clusters backed by the same physical single cluster. As Kubernetes clusters help in managing workloads and deployed objects, these numbers increase and can become unmanageable over time.
Traditional network security includes protection against layer2 and layer3 spoofing attacks. Many security teams don’t realize it, but these threats are still relevant when running applications on a Kubernetes cluster in the cloud. You might be using a complex container network, but that doesn’t mean that simple spoofing attacks between pods aren’t possible. This matters because it dramatically increases the blast radius of compromised pods.
Kubernetes namespaces - they’re an essential feature for building modern cloud architectures. Namespaces let you split up a single cluster into multiple “virtual clusters”. Resources like pods, replicasets, and deployments all live in namespaces. You can think of a namespace as being a resource’s last name - it specifies which family the resource is part of - and normal resources can have one and only one namespace (There are exceptions like the Node resource which is cluster-wide and doesn’t belong to any namespace). If you don’t think you’re using namespaces on your cluster then you’re wrong. You’re actually just putting everything into the default namespace.
Vulnerability Description and Impact
Automate Kubernetes Analytics and Forensics with Alcide kAudit
Last month, the Microsoft Azure Security Center published a fully detailed Threat Matrix for Kubernetes. This article identifies attack vectors unique to a Kubernetes environment. This important contribution is derived from the more generalized MITRE ATT&CK® framework that offers a complex matrix of common attack vectors.