k8s-security

by kabachook

kabachook /k8s-security

Kubernetes security notes and best practices

464 Stars 41 Forks Last release: Not found 66 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Kubernetes security

This repo is a collection of kubernetes security stuff and research.

The research was conducted during Summ3r 0f h4ck traineeship.

Overview

In-depth research about security of kubernetes features and misconfigurations. Source for all documents below

A "must do"/best practices list of things to make attacker's life hard

A checklist of flags to quickly test if your cluster has security features enabled.

A guide for attacker: what to do if he gets to pod/cluster.

Also, some attacks included

Page with sources for security announces and previous vulnerabilities

Tools

Script for enumerating services in kubernetes cluster. Common services dictionary provided.

Slides

References

Tracking issue

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.