logo
ArticlesConferencesPresentations
Dates
Author
Conferences
Tags

Sort by:  

What We've Learned from Scanning 10K+ Kubernetes Clusters

Conference:  Global AppSec Dublin 2023
Authors: Ben Hirschberg
2023-02-16

tldr - powered by Generative AI

The presentation discusses the state of Kubernetes risk, compliance, and security vulnerabilities based on the analysis of telemetry data from Kubescape, an open source tool that has scanned over 10K+ unique Kubernetes clusters. The talk sheds light on the most common misconfigurations, known software vulnerabilities, and RBAC violations in Kubernetes deployments, and provides insights on why and where Kubernetes deployments mostly commonly fail and statistics on which controls fail most. The presentation also offers simple measures to work towards eliminating these risks and improving overall cloud native security posture.
  • Telemetry data from Kubescape reveals a high number of misconfigurations, unpatched vulnerabilities, and overly-privileged users in Kubernetes systems
  • The talk highlights the most common misconfigurations across Kubernetes deployments according to multiple frameworks, known software vulnerabilities, and RBAC violations at early stages of the CI/CD pipeline
  • The presentation provides insights on why and where Kubernetes deployments mostly commonly fail and statistics on which controls fail most
  • Simple measures are offered to work towards eliminating these risks and improving overall cloud native security posture
Tags:
Kubernetes
compliance
CIS