Securing Container Platforms
During a container platform check I review your platform setup against security best-practices regarding the following topics:
- Container Capabilities
- Pod Specification Files & Configs
- Master Node Settings (API-Server, Controller Manager, Scheduler)
- Control Plane Configuration
- Worker Node & Kubelet Settings
- Encryption (data-in-transit & data-at-rest)
- Key Management
- Etcd Settings & Secret Management
- Pod Isolation (Namespace Isolation Policies)
- Ingress/Egress Routing
- RBAC Policies & Service Accounts
- Seccomp Profiles
- Logging & Monitoring
- DFIR-Readiness (Digital Forensics & Incident Response)
- Component & API Versions
My security review approach includes the latest benchmark tests as well my extensive pentesting experience of container-based environments.
Review of Container Images
Optionally this container platform check can also analyze the container images against containerization security best-practices. This container check includes checking for security misconfiguration and vulneerable components inside the images and the way these images are built and distributed.
Review of Cloud Environments
Often container orchestration platforms are used in cloud environments like AWS, Azure, GCP, or OTC to easily scale the runtime. For reviewing the security of cloud environments I offer a separate service: Cloud Security Check
The resulting report of the found security issues includes detailed descriptions of the findings (along with all evidence collected) and mitigation advice to remediate each issue and tips to further harden your application. To better distribute the individual findings towards the relevant parties, I categorize all findings by function (business, architecture, development, operation) to which the finding applies.
After sending the report an on-site or remote debriefing meeting will be arranged to further discuss the report and any potential questions along with the team members assigned to remediate the findings.
This process can optionally be followed by a second check of remediated findings, which leads to an updated report.
This kind of security check requires access on high-privileged level to the container platform environment in order to review its security. Also access to the container build and manifest files is required to check the container design from a security perspective.
It is helpful to get some information upfront about your architecture and desired container setup in order to let the review be as targeted as possible. This also includes some high-level information about your architecture, as what components are used and what kind of data (in terms of sensitivity) is handled on which component.
This information is usually provided and discussed in a kick-off workshop (remote or on-site) at latest a few days before the review begins.