Continuous runtime protection using KubeArmor and ChatGPT

Kubernetes is a widely adopted container orchestration tool which hosts and runs 60% of internet applications. As adoption of cluster orchestration tools like Kubernetes and OpenShift continues to grow, the number of clusters in use will likely keep increasing, which in turn increases the complexity of managing, monitoring and, most importantly, securing and hardening clusters at scale. On top of that, there is the complexity of managing different versions and the different hardening approaches each version requires.

In this blog I would like to share my thoughts and experience of hardening, protecting and maintaining the security posture of orchestration tools like Kubernetes and OpenShift clusters using KubeArmor.

The reason I embarked on this journey was to secure network, application and runtime at scale, and to enforce security best practices from the birth of a cluster, while providing ease of adoption to developers and visibility to security teams.

I had the following key requirements:

  • The solution should be simple and scalable
  • Enforce hardening, best practices and runtime protection using a unified tool
  • GitOps / DevOps friendly (Policy as Code)
  • Continuous runtime protection
  • Continuous monitoring of security events
  • Ease of adoption for developers
  • Visibility for security teams

KubeArmor is an open-source policy engine that helps secure your Kubernetes clusters by providing a way to define and enforce Kubernetes and OpenShift security policies. We can define policies that control access to Kubernetes network and resources, validate resource configuration, and prevent security breaches that might happen during runtime.

Policy as Code: The policies are written in YAML format and are easy to understand and create. Developers and security engineers can adopt a DevOps / GitOps process to achieve controlled and continuous deployment of these policies.

KubeArmor can be easily integrated into any Kubernetes cluster, on-premise or cloud. KubeArmor uses inline mitigation to reduce the attack surface of the pod/container/VM. It uses the Kubernetes API server to monitor and enforce policies and reduces the pain of installing multiple security agents and tools.

ChatGPT and KubeArmor

Given the right set of expectations to ChatGPT, I was able to successfully generate and apply the following policies to my cluster(s).

  • Network hardening policies
  • Network segmentation policies
  • Enforce monitoring and logging
  • Enforce Hardening policies
  • Pod Security policies and
  • Compliance controls.
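As an added illustration of what such a Policy-as-Code artifact looks like for KubeArmor (constructed for this article; it is not one of the policies the author generated with ChatGPT), the following KubeArmorPolicy combines a process rule, a file rule and a network rule under a single Block action, covering the "hardening" and "network hardening" categories above. The pod label `app: nginx`, the policy name and the blocked paths are assumptions for the example; adjust them to the workload being protected.

```yaml
# Constructed example of a KubeArmor hardening policy (not from the original post).
# Pod label, policy name and paths are assumptions chosen for illustration.
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: harden-nginx-example        # assumed policy name
  namespace: default
spec:
  severity: 5
  tags: ["hardening", "example"]
  message: "Blocked package manager execution, /etc write, or raw socket in nginx pod"
  selector:
    matchLabels:
      app: nginx                    # assumed workload label
  # Process rule: a running web server has no legitimate reason to invoke
  # a package manager, so executing these binaries is blocked.
  process:
    matchPaths:
      - path: /usr/bin/apt
      - path: /usr/bin/apt-get
  # File rule: /etc stays readable (readOnly: true under a Block action
  # blocks writes only), so configuration tampering is prevented.
  file:
    matchDirectories:
      - dir: /etc/
        recursive: true
        readOnly: true
  # Network rule: raw sockets are rarely needed by application workloads
  # and are a common prerequisite for packet crafting; block them.
  network:
    matchProtocols:
      - protocol: raw
  action: Block
```

Once KubeArmor is installed in the cluster, `kubectl apply -f` on this file is enough to enforce it. A sensible rollout is to set `action: Audit` first, watch the resulting alerts with `karmor logs` (the kubearmor-client CLI) to confirm no legitimate activity trips the rules, and only then switch to `Block`; because KubeArmor mitigates inline, a Block policy stops the operation rather than merely reporting it.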

Enforce your K8s best practices using KubeArmor best-practice policies

In conclusion, KubeArmor is a simple yet scalable tool for developers to harden, secure and protect their cloud native workloads deployed across Kubernetes and OpenShift clusters.
