Critical Kubernetes & OpenShift Vulnerability Exposes API Server

Glen Kosaka Container Security

The First Major Vulnerability Discovered in Kubernetes, And It’s A Big One The big news today on the eve of the start of DockerCon EMEA has not been conference related announcements but rather the disclosure of a critical security hole in Kubernetes, and by inheritance, Red Hat OpenShift. This vulnerability, CVE-2018-1002105, is so critical with a severity rating of 9.8 …

Kubernetes System Security – Protecting Against Kubelet Exploits

Glen Kosaka Network Security

By Andson Tung As critical as it is to protect application containers deployed by Kubernetes, it is just as critical to protect the Kubernetes system containers from attacks or from being used in an attack. In this post I’ll focus on one important Kubernetes security area – protecting the Kubelet, which manages the pods on a worker node. The recent …