Implementation -> Infrastructure Hardening: The environment is hardened
Risk and Opportunity
Risk: Using default configurations for a cluster environment leads to potential risks.
Opportunity: Harden cluster environments according to best practices. Level 1 and, partially, level 2 from hardening practices like 'CIS Kubernetes Bench for Security' should be considered.
Additional Information
Implementation hints
- CIS Kubernetes Bench for Security
- CIS Docker Bench for Security
- For example for Cont, , Tags:
- Attack Matrix Cloud, Tags: mitre
- Attack Matrix Containers, Tags: mitre
- Attack Matrix Kubernetes, Tags: mitre
- Defend the core kubernetes security at every layer, Tags: documentation cluster kubernetes
Usefulness and Requirements of this Activity
Usefulness: High
Required knowledge: High (two disciplines)
Required time: Medium
Required resources (systems): Low
OWASP SAMM VERSION 2
ISO27001 2017
- system hardening is not explicitly covered by ISO 27001 - too specific
- 13.1.3