CIS Benchmark for Kubernetes 1.6
Rani Osnat
Seasoned marketing, BD and Corp Dev executive in early stage startups and growth stage companies in enterprise software, cyber security, cloud and DevOps..
The Center for Internet Security (CIS) published a new benchmark last week for Kubernetes 1.6. As the adoption of container technologies grows rapidly, orchestrators have become a key enabler, since large-scale deployments can’t be managed efficiently by humans.
While securing a single-node deployment is extremely important, securing the cluster largely depends on the security of the orchestrator configuration as a whole.Standardization of security requirements is very important, as we explained in our blog about the Docker CIS benchmark, so it’s only logical that CIS would publish a standard for orchestrators. Kubernetes is one of the leading orchestrators and endorsed by the CNCF. Although it’s still rapidly changing and has many security features planned on its roadmap (which I wrote about on the K8S blog a while back), the CIS decided that the 1.6 release is mature enough to create a standard benchmark document, to help organizations in the adoption of Kubernetes in production.