New security validation capabilities for Kubernetes and containers
In today’s world of digital transformation, keeping security up-to-date can be exhausting for cybersecurity professionals. With the increasing need to adopt new technologies and migrate workloads to the cloud, security teams must respond quickly to minimise risks.
One consequence of adopting these cloud technologies has been a significant increase in containerised applications, which offer an easy, scalable and portable way to run software in the cloud.
Kubernetes, an open-source platform that has become the de facto standard for container orchestration, is the central element of most container deployments.
Security issues with containers and Kubernetes
Despite the benefits, the dynamic and complex nature of containers and Kubernetes can create new security threats. Security gaps in containers caused by misconfigurations are common, and new application deployments can introduce new risks, increasing the likelihood of incidents. Without a proactive management approach, security risks can easily outweigh any operational benefits.
According to Red Hat's State of Kubernetes Security Report 2023, more than two-thirds of Kubernetes users (67%) have delayed or slowed down application deployments because of security concerns.
Introducing security validation for Kubernetes
To ease the task of securing containers and increase confidence in the security of cloud workloads, Picus introduces Security Validation for Kubernetes. This new solution extends the capabilities of the Picus platform to enable security and DevOps teams to proactively identify and remediate container security risks with less manual effort.
Kubernetes validation capabilities
Aligned with the Center for Internet Security (CIS) benchmarks, Kubernetes validation identifies critical risks in containerised environments, covering nodes, pods and policies. Among the risks it can detect:
Incorrect policy settings
Overly permissive roles and policies, such as allowing containers to run as root, can let attackers escalate privileges and reach sensitive data and services.
Network settings
Insufficient network segmentation and reliance on defaults, such as allowing every pod in a cluster to communicate with every other pod, make it easier for attackers to move laterally.
Vulnerabilities in the control plane
Misconfigured Kubernetes secrets, certificates and roles can be abused by attackers to obtain credentials and expand their access within the cluster.
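As an added example, and not Picus code or a description of how the product works, the following Python runs simple checks for the three risk classes above (root or privileged containers, namespaces without a default-deny NetworkPolicy, and wildcard or secret-reading RBAC roles). It operates on plain dicts in the shape that `kubectl get <kind> -o json` returns; the Pod, NetworkPolicy and Role objects at the bottom are constructed for the demo.

```python
"""Checks for the Kubernetes misconfiguration classes listed above.

Added example, not Picus code. Objects are dicts in the shape that
`kubectl get <kind> -o json` returns; the samples below are constructed.
"""


def pod_findings(pod):
    """Findings for one Pod: root/privileged containers and host namespace use."""
    meta = pod.get("metadata", {})
    name = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext", {})
    findings = []
    for field in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(field):
            findings.append(f"{name}: {field} enabled")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext", {})
        cname = f"{name}:{c.get('name', '?')}"
        # Container-level settings override pod-level ones.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False))
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        if not non_root and uid in (None, 0):
            findings.append(f"{cname}: may run as root (UID 0)")
        if sc.get("privileged"):
            findings.append(f"{cname}: privileged")
        # Kubernetes defaults this to true unless the manifest sets it to false.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"{cname}: allowPrivilegeEscalation not disabled")
    return findings


def namespaces_without_default_deny(namespaces, network_policies):
    """Namespaces lacking a policy that selects every pod and allows no ingress."""
    covered = set()
    for np in network_policies:
        spec = np.get("spec", {})
        # An empty podSelector selects all pods in the namespace.
        selects_all = spec.get("podSelector", {}) in ({}, {"matchLabels": {}})
        # Ingress is always in scope when policyTypes is omitted.
        types = spec.get("policyTypes") or ["Ingress"]
        if selects_all and "Ingress" in types and not spec.get("ingress"):
            covered.add(np["metadata"]["namespace"])
    return sorted(set(namespaces) - covered)


def overly_broad_roles(roles):
    """Roles/ClusterRoles with wildcard rules or read access to Secrets."""
    findings = []
    for role in roles:
        label = f"{role.get('kind', 'Role')}/{role['metadata']['name']}"
        for rule in role.get("rules", []):
            verbs = set(rule.get("verbs", []))
            resources = set(rule.get("resources", []))
            if "*" in verbs or "*" in resources:
                findings.append(f"{label}: wildcard verbs or resources")
            elif "secrets" in resources and verbs & {"get", "list", "watch"}:
                findings.append(f"{label}: can read Secrets")
    return findings


def scan(pods, namespaces, network_policies, roles):
    """Aggregate all findings into one report list."""
    report = [f for pod in pods for f in pod_findings(pod)]
    report += [f"namespace {ns}: no default-deny ingress NetworkPolicy"
               for ns in namespaces_without_default_deny(namespaces, network_policies)]
    report += overly_broad_roles(roles)
    return report


# Constructed sample objects (not taken from a real cluster).
WEAK_POD = {
    "metadata": {"name": "web", "namespace": "default"},
    "spec": {"hostNetwork": True,
             "containers": [{"name": "app", "image": "nginx",
                             "securityContext": {"privileged": True}}]},
}
HARDENED_POD = {
    "metadata": {"name": "web", "namespace": "payments"},
    "spec": {"securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
             "containers": [{"name": "app", "image": "nginx",
                             "securityContext": {"allowPrivilegeEscalation": False,
                                                 "capabilities": {"drop": ["ALL"]}}}]},
}
DEFAULT_DENY = {
    "metadata": {"name": "default-deny-ingress", "namespace": "payments"},
    "spec": {"podSelector": {}, "policyTypes": ["Ingress"]},
}
ROLES = [
    {"kind": "ClusterRole", "metadata": {"name": "ops-all"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"name": "reader", "namespace": "payments"},
     "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get"]}]},
]

if __name__ == "__main__":
    for line in scan([WEAK_POD, HARDENED_POD], ["default", "payments"], [DEFAULT_DENY], ROLES):
        print(line)
```

Run against real output by loading `kubectl get pods -A -o json`, `kubectl get networkpolicies -A -o json` and `kubectl get clusterroles,roles -A -o json` and passing each result's `items` list. The weak pod produces four findings (hostNetwork, root, privileged, privilege escalation), the hardened pod none, the `default` namespace is flagged for lacking a default-deny policy, and the wildcard ClusterRole is reported.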
A single platform for cloud and container validation
Kubernetes validation is part of Picus Cloud Security Validation, which provides cloud security management and cloud attack simulation for Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). From a single dashboard you can view security risks across all your environments and get recommendations to close gaps quickly and effectively.
By simulating cloud attacks, you can understand how effective your security measures are and increase awareness of how attackers might try to elevate privileges.
Find out how to keep your workloads secure at all times. Get in touch with our team for more information and a demo of Picus Cloud Security Validation in action.