Kubernetes Security: Your Guide to Securing Your Applications
Start writing a post
News

Kubernetes Security: Your Guide to Securing Your Applications

When we think of cybersecurity and the protection of our data while online, we often think of the fact that our computers are connected to the internet – the 'Wild West' of the infinite space of the web that can host many negative and bad actors.

7
Kubernetes Security: Your Guide to Securing Your Applications

Whether or not that's an entirely reasonable assertion, there are thousands of security risks that can affect your business, and all of them are in some way related to external influences. This article looks at the influence of cloud-based threats on your business, and how to secure your containerized apps through properly securing the most popular container orchestrator: Kubernetes.

Where Apps Reside

Many businesses rely on containerized apps. They do so either to help them build and deploy faster to ensure that their digitization (also business transformation) processes are leading to positive results through faster time to deployment and updates. Containerized apps are often plugged directly into back-ends through complex systems of APIs that ultimately enable the quick and painless onboarding of third-party technologies that would otherwise take a great deal of time to onboard.

The problem with containerized apps is that they're liable to be attacked, like any other type of software, but the security threats are different and need a different approach. Most business are running some of their most critical workloads as containerized apps in the cloud, and any interruption, downtime, or security threat to these apps can wreak havoc with their business processes and will ultimately lead to your business losing money. In order to avoid this situation, they need to protect your cloud-based apps and the container orchestrators like Kubernetes.

How Kubernetes Works

A large team of thousands of scientists, researchers and developers build and maintain Kubernetes (since it has been open-sourced by its original creator, Google). At the same time, containers and Kubernetes pose new security challenges that should be addressed as you build your images into containers and pods, and deploy those pods into your running clusters.Some of those challenges include:

  • Kubernetes is easy to misconfigure
  • Network policies are by default insecure
  • The built-in security capabilities are sometimes hard to operationalize

For example, Kubernetes role-based access control (RBAC) is essentially the critical access control center for your containerized workloads, and it's where you're going to be able to regulate access to your network and your container resources. But it's easy to misconfigure the RBAC settings and make them overly permissive for easy and speed of development.

How to Maintain Your Kubernetes Security

Building a containerized app with Kubernetes security in mind is highly recommended. The shared responsibility model of cloud security dictates that you are in charge of how you build your application on IaaS platform. Here are a few ways to improve the security of your k8s:

  • Turn on RBAC
  • Ensure that you're not running containers in privileged mode, unless absolutely necessary
  • Enforce resource use limits on containers and pods
  • Start security early; don't wait until you're app is about to go into production to think about security
  • Scan your images on a regular basis, and make sure images that haven't been scanned in 90 days are not being used
  • Use trusted image registries, and blacklist any that isn't a trusted registry
  • Automate your security as much as possible and integrate security checks into your continuous improvement/continuous deployment pipeline
  • Isolate your pods by default, and write network policies that explicitly allow specific communication paths

This introduction to the complex world of Kubernetes security should help developers build and deploy more security applications that are being orchestrated by Kubernetes.

Report this Content
This article has not been reviewed by Odyssey HQ and solely reflects the ideas and opinions of the creator.
Adulting

7 Ideas for Keeping Logins and Passwords Securely

The first line of defense against identity theft is passwords. Unfortunately, many of us fail to remember to use them. Almost 60% of baby boomers don't use secure passwords. And, according to a report by Norton, digital natives are more prone to having their accounts compromised.

9625
7 Ideas for Keeping Logins
https://www.pexels.com/photo/man-in-brown-hoodie-using-laptop-computer-5475747/

The first line of defense against identity theft is passwords. Unfortunately, many of us fail to remember to use them. Almost 60% of baby boomers don't use secure passwords. And, according to a report by Norton, digital natives are more prone to having their accounts compromised.

Keep Reading... Show less
Featured

Ford Cars That We Love

There's a good chance we've all driven a Ford or spent a lot of time at Ford, but what are some of the best cars they've ever made?

38540
Ford Cars That We Love
Photo by Jessy Smith on Unsplash

There are arguably few bigger automakers than Ford. They are a company that shaped the auto industry as we know it today and with a solid reputation in the industry, our wide range of Ford leases has always been a popular choice among drivers.

Keep Reading... Show less
Featured

Prose: One Call

What if you had one call, but you could not say anything other than what you were told to say? In this short excerpt, Bethany finds herself at odds with her jailers and with the one she was told to call, the one she loves. What would you do when the conversation takes a turn off script?

26913
Prose: One Call
https://unsplash.com/s/photos/jail

With each incessant numbing ring of the phone call, I could feel the betrayal coiling around me like the phone line, squeezing me tighter.

Keep Reading... Show less
Featured

'Hotel Transylvania: Transformania' Film Review

Solid animation can't raise the newest entry in Sony's colorful monster series beyond the basics

86646
'Hotel Transylvania: Transformania' Film Review
Photo Credit: Amazon Prime Video – YouTube https://www.youtube.com/watch?v=6suJohjIvfo

I take a slight issue with the idea that Adam Sandler didn’t have a good dramatic role until ‘Uncut Gems,’ what about ‘Hotel Transylvania’ (he says semi-seriously)?’

Keep Reading... Show less
Featured

4 Common Reasons Couples Get Divorced

Are some people just not meant to be together? Is there any way to prevent an impending divorce?

101549
4 Common Reasons Couples Get Divorced

We've all heard the statistics. Roughly 50% of married couples eventually end up divorced. This can lead to complications, problems with your children, financial issues, and no small amount of negative emotions.

Keep Reading... Show less
Facebook Comments