It has been reported that Kubernetes vulnerability hits top of severity scale. The security issue strikes at some of the basic reasons for the rising popularity of containers as an architecture and Kubernetes as an orchestration mechanism.The vulnerability (CVE-2018-1002105) allows for privilege escalation and can be accessed by both authorised and unauthorised users.
Gavin Millard, VP of Intelligence at Tenable explains the vulnerability and what organisations can do to protect themselves.
Gavin Millard, VP of Intelligence at Tenable:
“Containerisation and DevOps can have incredible benefits for organisations that adopt the approach, but it’s critically important that security is baked into the transformation to the more agile approach in development and deployment. “Shifting left” or introducing security controls earlier into the development process, can ensure the benefits are realised without an increase to the attack surface or overall Cyber Exposure.”