C-0026 - Kubernetes CronJob

Framework

MITRE, AllControls

Severity

Low

Description of the the issue

Kubernetes Job is a controller that creates one or more pods and ensures that a specified number of them successfully terminate. Kubernetes Job can be used to run containers that perform finite tasks for batch jobs. Kubernetes CronJob is used to schedule Jobs. Attackers may use Kubernetes CronJob for scheduling execution of malicious code that would run as a container in the cluster.

Related resources

CronJob

What does this control test

We list all CronJobs that exist in cluster for the user to approve.

Remediation

Watch Kubernetes CronJobs and make sure they are legitimate.

Example

No example