Skip to main content

Kubernetes Security library

Comprehensive security management and risk-minimizing measures for Kubernetes clusters.

Why the Kubernetes Security Library?

50+ security risks

Gain deep insights into over 50 critical security risks and how to manage them.

Icon with a hand, shield, and network structure, symbolizing risk management and protective measures.
Icon with a hand, gear, and checkmark, surrounded by an arrow, symbolizing process optimization and quality assurance.

Over 100 measures

Find specific recommendations for action to effectively minimise risk.

Specific for Kubernetes

Customised security solutions for your Kubernetes infrastructure.

Icon with Container and cloud, symbolizing container technology.
Icon with two arrows in a cycle and a checkmark in the center, symbolizing continuous updates..

Continuous updates

Stay up to date with the latest safety research and regulation.

Practical expertise

Benefit from practical expertise for a robust security strategy.

Icon of an open book with a hovering light bulb, symbolizing learning and innovation.

Risks & Measures

An insecure container can be intercepted by a secure cluster, but not vice versa. This library is action-oriented and distinguishes between Azure AKS and On-Premise environments.

Top security risks
Important Measures

Parkerian Hexad

The Kubernetes Security Library is based on the protection goal definition of the "Parkerian Hexad".
This deals with 6 basic protection goals:

Confidentiality

Refers to the property that information is not made available to or passed on to unauthorized individuals.

Availability

Means being able to access information in a timely manner. For example, both a hard disk crash and denial-of-service attacks result in an availability violation. Any delay that exceeds the expected service levels for a system can be called an availability violation.

Usability

Suppose a hacker encrypts one's data using, for example, ransomware. The affected data does not lose its confidentiality, integrity, or availability, but it is no longer usable.

Integrity

Refers to the accuracy or consistency with the intended state of information. Any unauthorized modification of data, whether intentional or accidental, is a violation of data integrity. For example, data stored on disk is expected to be stable - it should not be accidentally altered by problems with a disk controller. Similarly, application programs should record information correctly and not introduce deviations from intended values.

Authenticity

Refers to the accuracy of the originating claim or authorship of the information. For example, one method of verifying the authorship of a handwritten document is to compare the handwriting characteristics of the document with a sample of others that have already been verified. For electronic information, a digital signature could be used to verify the authorship of a digital document using public key cryptography. 

Parker Hexad with six terms: Confidentiality, Ownership or Control, Availability, Usability, Integrity, and Authenticity.

Container hardening from KubeOps

Do you want even more security for your Kubernetes clusters? With our special 5-level hardening you have the possibility to protect your containers even better. Visit our container hardening page for more information.

Container Hardening
Graphic with five colored bars ranging from 'INTEGRATED' to 'HARDENED,' represented by diamonds as progress indicators.