C-0054 - Cluster internal networking

Framework

NSA, MITRE, ArmoBest, AllControls

Severity

Medium

Description of the the issue

Kubernetes networking behavior allows traffic between pods in the cluster as a default behavior. Attackers who gain access to a single container may use it for network reachability to another container in the cluster.

Related resources

Namespace, NetworkPolicy

What does this control test

Check for each namespace if there is a network policy defined.

Remediation

Define Kubernetes network policies or use alternative products to protect cluster network.

Example

No example