27 November, 2023
May 30, 2022
A few simple approaches to protecting your K8s
Contributed by Itay Talmi, Cloud Native Applications Senior Consultant, following his attendance at KubeCon & CloudNativeCon Europe 2022.
“A single container escape was enough to take over the entire cluster.” This line has kept me awake at night ever since I heard it at KubeCon 2022 in Valencia. There, I had the opportunity to attend the session led by Yuval Avrahami, Principal Security Researcher at Prisma Cloud. The session focused on the concept of ‘Trampoline Pods’: pods whose service account is bound to powerful, cluster-wide RBAC permissions rather than the least privilege the workload actually needs. The tokens of every pod scheduled on a node live on that node, so an attacker who escapes a container there can read a trampoline pod’s token and use its permissions (reading secrets cluster-wide, creating pods on other nodes, binding or escalating roles, and so on) to reach the rest of the cluster. That is how a single node compromise becomes a cluster takeover. The takeaway? If you are running K8s, you must know whether such pods exist in your cluster and which nodes they land on. This is a privilege-escalation risk rooted in over-permissive RBAC, not a bug you can simply patch.
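To make the concept concrete, here is a small added example (not code from the page, the talk, or the rbac-police project) that walks ClusterRoles, ClusterRoleBindings and Pods in the shape that `kubectl get <kind> -o json` returns, flags pods whose mounted service-account token is bound to a ClusterRole with cluster-takeover permissions, and groups them by node, so you can see which node a container escape would need to land on. The list of “powerful” resource/verb pairs and all the sample objects are constructed for illustration.

```python
"""Flag 'trampoline pods': pods whose mounted service-account token is bound, through a
ClusterRoleBinding, to a ClusterRole whose permissions let a node-level attacker (for
example after a container escape) pivot to the rest of the cluster.

Illustrative example; the sample objects below are constructed in the shape of
`kubectl get <kind> -o json` items and do not come from a real cluster."""
from collections import defaultdict

# (resource, verb) pairs treated as cluster-takeover primitives.
# Assumption: this list is illustrative, not an exhaustive policy.
POWERFUL = {
    ("secrets", "get"), ("secrets", "list"),            # read every token/credential in the cluster
    ("pods", "create"),                                 # schedule a privileged pod on any node
    ("pods/exec", "create"),                            # exec into pods running elsewhere
    ("nodes", "patch"),                                 # relabel/taint nodes to steer scheduling
    ("clusterrolebindings", "create"),                  # grant yourself more rights
    ("clusterroles", "bind"), ("clusterroles", "escalate"),
    ("users", "impersonate"), ("groups", "impersonate"), ("serviceaccounts", "impersonate"),
}


def powerful_grants(role):
    """Return the sorted 'resource:verb' grants of a ClusterRole that appear in POWERFUL."""
    found = set()
    for rule in role.get("rules", []):
        resources, verbs = set(rule.get("resources", [])), set(rule.get("verbs", []))
        if "*" in resources and "*" in verbs:
            found.add("*:*")                            # cluster-admin style wildcard
            continue
        for res, verb in POWERFUL:
            if (res in resources or "*" in resources) and (verb in verbs or "*" in verbs):
                found.add(f"{res}:{verb}")
    return sorted(found)


def powerful_service_accounts(cluster_roles, cluster_role_bindings):
    """Map (namespace, serviceAccountName) -> [(ClusterRole name, grants)] for service accounts
    that a ClusterRoleBinding ties to a powerful ClusterRole. RoleBindings are ignored here:
    they scope the same role to one namespace, a smaller (though not zero) blast radius."""
    roles = {r["metadata"]["name"]: r for r in cluster_roles}
    result = defaultdict(list)
    for crb in cluster_role_bindings:
        ref = crb["roleRef"]
        if ref["kind"] != "ClusterRole" or ref["name"] not in roles:
            continue
        grants = powerful_grants(roles[ref["name"]])
        if not grants:
            continue
        for subj in crb.get("subjects", []):
            if subj.get("kind") == "ServiceAccount":
                result[(subj["namespace"], subj["name"])].append((ref["name"], grants))
    return result


def find_trampoline_pods(cluster_roles, cluster_role_bindings, pods):
    """Group trampoline pods by node: escaping a container on that node exposes their tokens
    (the kubelet keeps pod volumes on the node filesystem), handing over the listed grants.
    Simplification: only the pod-level automountServiceAccountToken flag is honoured; the
    same flag on the ServiceAccount object is not consulted."""
    powerful_sas = powerful_service_accounts(cluster_roles, cluster_role_bindings)
    by_node = defaultdict(list)
    for pod in pods:
        spec, ns = pod["spec"], pod["metadata"]["namespace"]
        sa = spec.get("serviceAccountName", "default")
        if spec.get("automountServiceAccountToken", True) is False:
            continue                                    # no token on disk, nothing to steal
        for role, grants in powerful_sas.get((ns, sa), []):
            by_node[spec.get("nodeName", "<unscheduled>")].append({
                "pod": f"{ns}/{pod['metadata']['name']}",
                "serviceAccount": f"{ns}:{sa}",
                "clusterRole": role,
                "grants": grants,
            })
    return dict(by_node)


# --- Constructed sample input (kubectl -o json shape), not from a real cluster ---
CLUSTER_ROLES = [
    {"metadata": {"name": "node-agent"},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["create", "delete"]},
               {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "metrics-reader"},
     "rules": [{"apiGroups": [""], "resources": ["pods", "nodes"], "verbs": ["get", "list", "watch"]}]},
    {"metadata": {"name": "cluster-admin"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]
CLUSTER_ROLE_BINDINGS = [
    {"metadata": {"name": "node-agent"}, "roleRef": {"kind": "ClusterRole", "name": "node-agent"},
     "subjects": [{"kind": "ServiceAccount", "name": "node-agent", "namespace": "kube-system"}]},
    {"metadata": {"name": "metrics"}, "roleRef": {"kind": "ClusterRole", "name": "metrics-reader"},
     "subjects": [{"kind": "ServiceAccount", "name": "metrics", "namespace": "monitoring"}]},
    {"metadata": {"name": "ops"}, "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "User", "name": "ops@example.com"}]},      # a human, not a pod token
]
PODS = [
    {"metadata": {"name": "node-agent-x", "namespace": "kube-system"},
     "spec": {"nodeName": "node-a", "serviceAccountName": "node-agent"}},
    {"metadata": {"name": "node-agent-y", "namespace": "kube-system"},
     "spec": {"nodeName": "node-b", "serviceAccountName": "node-agent",
              "automountServiceAccountToken": False}},                 # same SA, token never mounted
    {"metadata": {"name": "metrics", "namespace": "monitoring"},
     "spec": {"nodeName": "node-b", "serviceAccountName": "metrics"}},
    {"metadata": {"name": "web", "namespace": "default"}, "spec": {"nodeName": "node-a"}},
]

if __name__ == "__main__":
    for node, hits in sorted(find_trampoline_pods(CLUSTER_ROLES, CLUSTER_ROLE_BINDINGS, PODS).items()):
        print(f"{node}: a container escape here exposes {len(hits)} trampoline pod(s)")
        for h in hits:
            print(f"  {h['pod']} via {h['serviceAccount']} -> ClusterRole/{h['clusterRole']}: "
                  f"{', '.join(h['grants'])}")
```

Run against the sample, only `node-a` is reported: `node-agent-x` carries a token that can create pods and read secrets cluster-wide, which is exactly the node-to-cluster trampoline. The read-only metrics pod is not flagged, and the second agent replica is not flagged either because its token is never mounted, which is the cheapest fix when a workload does not actually need to talk to the API server. To run it on a real cluster, feed it the `items` arrays from `kubectl get clusterroles,clusterrolebindings,pods -A -o json`.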
The discussion highlighted two open-source tools for finding this kind of over-privilege: rbac-police, which evaluates the RBAC permissions held by pods and service accounts, and Checkov (by Bridgecrew), which scans Kubernetes manifests and other IaC for misconfigurations. It could all easily be managed (including CSPM & CWPP) by an all-in-one solution that I love to recommend: Prisma Cloud by Palo Alto Networks. Yuval’s session was incredibly valuable, with an enlightening demonstration.
I look forward to continuing to explore this issue and invite you to reach out to me if you have any questions or would like to talk about a Prisma Cloud demo.