C-0054 - Cluster internal networking
Cluster internal networking
ArmoBest, NSA, MITRE, AllControls
Description of the the issue
Kubernetes networking behavior allows traffic between pods in the cluster as a default behavior. Attackers who gain access to a single container may use it for network reachability to another container in the cluster.
What does this control test
Check for each namespace if there is a network policy defined.
Define Kubernetes network policies or use alternative products to protect cluster network.
Updated 2 days ago