C-0054 - Cluster internal networking
Cluster internal networking
Framework
YAML-scanning, AllControls, NSA, MITRE, ArmoBest
Severity
Low
Description of the the issue
Kubernetes networking behavior allows traffic between pods in the cluster as a default behavior. Attackers who gain access to a single container may use it for network reachability to another container in the cluster.
Related resources
namespaces, networkpolicies
What does this control test
Check for each namespace if there is a network policy defined.
Remediation
Define Kubernetes network policies or use alternative products to protect cluster network.
Example
No example
Updated about 17 hours ago
Did this page help you?