Kubernetes Review

Secure your Kubernetes infrastructure with our configuration review service.

Bring your implementation in-line with the Center for Internet Security standard.

Reviewing Kubernetes configuration is important as security misconfigurations could lead to the compromise of applications, data, and resources. By proactively identifying and addressing these vulnerabilities, you can prevent costly incidents and protect your organisation.

Configuration Review: The assessor thoroughly examines the Kubernetes configuration, including Control Plane components, authentication mechanisms, RBAC (Role-Based Access Control) policies, the configuration of worker nodes, network policies, and resource limits. They verify if the configuration aligns with good security practices and security guidelines.

Access Control Assessment: The assessor evaluates the access control mechanisms in place, such as user and service account permissions, roles, and role bindings. They check if the principle of least privilege is followed and assess if there are any unnecessary or overly permissive access rights.

Container Image and Runtime Assessment: The assessor examines the security of container images used in the cluster, including the vulnerability scanning process, image signing, and runtime security configurations. They check for best practices like using only trusted images, scanning for vulnerabilities, and utilising secure runtime settings.

Logging and Monitoring Review: The assessor assesses the logging and monitoring capabilities of the Kubernetes cluster. They verify if logs are generated for critical components and events and if monitoring tools are in place to detect and respond to security incidents effectively.

EXPERIENCED CONSULTANTS

Our team of CREST and CyberScheme certified consultants are experienced in assessing Kubernetes environments for both commercial and governmental organisations.

PROACTIVITY

By reviewing the configuration of your Kubernetes estate, you can proactively identify points of weakness within the implementation.

IDENTIFY CONFIGURATION ISSUES

Secure configuration of Kubernetes clusters can be a complex endeavour, as Kubernetes offers a vast amount of configuration options, making Kubernetes prone to misconfigurations. Conducting a Kubernetes review can identify issues in sensitive areas such as authentication, authorisation, network policies, or resource limits.

PREVENT VULNERABILITIES

Containers running within Kubernetes clusters may contain vulnerabilities inherited from their base image or introduced through misconfigurations. Salus Cyber’s Kubernetes review methodology involves the identification of such vulnerabilities, helping you mitigate issues before they become incidents.

How we work

Customer Journey

Identify
First, we take time to familiarise ourselves with your business. This allows us to clearly understand your requirements, your business risks, your key pain-points, and the outcomes you’re looking for.
Understand
We turn those requirements into crystal-clear scoping and test plan documents, so you know precisely what we’ll be doing, when we will be doing it, and how we will do it.
Test
We deliver what we promised.
Simple.
Inform
Every report we create is unique based on your business, we don’t use cookie cutter data for our summaries or our remediation plans. Our precise and concise findings brief will advise what steps your business needs to take next to reduce cyber risk.
Remediate
We can ensure that the remediation process is tracked and coordinated within your business, we will allocate resources to point you in the right directions or if you need our help directly with remediation, we’ve got you covered.
Feedback
Your opinion is important to us, so we send a questionnaire to every one of our customers after each project – so you can let us know how we did.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Penetration Testing

Secure your Kubernetes infrastructure with our configuration review service.

EXPERIENCED CONSULTANTS

PROACTIVITY

IDENTIFY CONFIGURATION ISSUES

PREVENT VULNERABILITIES

More Security Configuration Reviews

MDM Review

Mobile Device Review

Insecure Data Audit

Password Audit

Microsoft 365 Review

Device Configuration Review

Database Security Review

Firewall Security Review

Cloud Security Review

CI/CD Configuration Review

Source Code Review

How we work

Customer Journey

Identify

Understand

Test

Inform

Remediate

Feedback

Request a call back

Find Us

Site Map

Contact

Penetration Testing