As the pace of life accelerates, we spend less time waiting or in downtime. Kubernetes offers something similar to our life with technology. It is a container orchestration platform that offers an easy, automated way to establish and manage a containerized app network.
As the Kubernetes system becomes more prevalent in our “technological life,” we expect that we will encounter this system more and more.
Our responsibility as penetration testers and researchers is to take care of the security aspect of Kubernetes. We need to make sure it is deployed securely and that there are no vulnerabilities putting the whole system at risk.
This whitepaper is aimed at helping security personnel get an idea of the risks that might exist in the Kubernetes system and can serve as an excellent methodology document for penetration testers going up against the Kubernetes system, whether they are engaging in white-, black- or gray-box testing.
This whitepaper is built around the three vectors that pentesters should check first.