C-0054 - Cluster internal networking

Cluster internal networking

Framework

ArmoBest, MITRE, NSA, AllControls, YAML-scanning

Severity

Medium

Description of the the issue

Kubernetes networking behavior allows traffic between pods in the cluster as a default behavior. Attackers who gain access to a single container may use it for network reachability to another container in the cluster.

Related resources

Namespace, NetworkPolicy

What does this control test

Check for each namespace if there is a network policy defined.

Remediation

Define Kubernetes network policies or use alternative products to protect cluster network.

Example

No example