 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
By their very nature, highly complex and constantly evolving containerization environments present significant security challenges. These can include misconfigurations, over-privileged roles and vulnerabilities in components. This cannot happen in production environments, or else the business could soon be toast.
To control and reduce this risk, testing cluster configurations and settings in a trusted staging environment before deployment has become mandatory. The problem is, this often requires tedious time/cost overhead for setup and research that nobody likes to undertake because it’s not about innovation or moving the business forward.
In the decade-long existence of containers as key components in current IT systems, this dull but important task has cried out for an efficient, automated tool. That’s what Orca Security set out to build, and as of today, it’s available.
The Orca Research Pod has created KTE, an open source Kubernetes Testing Environment for AWS (EKS), Microsoft Azure (AKS), and Google Cloud (GKE), to help organizations improve their Kubernetes security by providing a safe and controlled space to identify and address potential vulnerabilities before they affect production systems.
Orca’s security research team discovers and analyzes cloud risks and vulnerabilities to strengthen the Orca platform and promote cloud-security best practices. The Orca Research Pod, composed of about a dozen cybersecurity experts, claims to have discovered more than 20 major vulnerabilities on public cloud platforms that were eventually fixed. The team continually analyzes the security of public cloud assets being scanned by the Orca platform, while observing attacker tactics and techniques in the wild.
Starting on August 27, Orca will provide KTE to the open source community under the Apache 2.0 License on Orca’s main GitHub repository. KTE creates a free and agnostic KSPM (Kubernetes Security Posture Management) experience by using a listing of open source offerings.
Orca says it will continue to maintain KTE to support the K8s security community and assist their staging endeavors so they can pinpoint and triage security threats. Users are encouraged to replace the default helm chart with one of their own so they can use this project to test an operational staging environment.
This is the first K8s testing/staging project of its kind, Roi Nisimi, a security researcher at Orca, told The New Stack.
“There are currently no similar projects with the same long-term goal in mind: becoming a one-stop shop for all your Kubernetes security concerns, with a single click, regardless of your cloud provider choice and open to the community. This is the power of KTE,” Nisimi said.
Using the GitHub repository, developers are able to test several security products on their K8s environment. Whether managing systems on AWS, GCP or Azure, participants can use KTE to deploy and scan their clusters. Most importantly, they are provided with clean visibility into their scan results via web-based dashboards, Nisimi said.
Are there any notable differences in versioning between GCP, Azure and AWS?
“The main goal was to provide an infrastructure for any type of Kubernetes user — whether they use GCP, Azure or AWS,” Nisimi said. “In terms of security findings, the currently supported open source tools provide native Kubernetes insights with a few differences, but we expect to see the deployment of many proprietary vendor-specific tools in the future.”
KTE has the potential to become a standard DevSecOps tool. What might it replace?
“The project gives developers the opportunity to test their Kubernetes resources against a vast array of security offerings, and hence achieve a fortified security posture. It will most likely not replace home-built solutions but actually help invent them, allowing to easily test and consolidate quality and varied security data,” Nisimi said
Orca has created and will further maintain KTE to support the K8s security community and assist their staging endeavors so they can pinpoint and triage security threats — not through a single tool, but many open source offerings, with the aim to include all, Nisimi said. This will guarantee a robust and powerful approach to identify K8s misconfigurations and security weaknesses, Nisimi said.
