NSA & CISA Jointly Provide Guidance on Kubernetes Security

NSA & CISA Jointly Provide Guidance on Kubernetes Security
Kubernetes Hardening Guidance

The National Security Agency (NSA) partnered with the Cybersecurity and Infrastructure Security Agency (CISA) to provide guidance on Kubernetes, an open-source automation system used for containerized applications. 

The agencies' Kubernetes Hardening Guidance report tackles threats to Kubernetes and offers risk reduction practices, NSA said Tuesday. Cyber attackers target Kubernetes environments to steal data and computational power or disrupt applications.

The report advises organizations to scan containers for vulnerabilities, separate networks and apply defensive measures such as strong authentication and firewalls.

The agencies also recommend that system administrators periodically review Kubernetes settings and inspect for vulnerabilities. The new guidance aligns with NSA's mission to protect national security systems and the defense industrial base.

You may also be interested in...


DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.