You're reading from Learn Kubernetes Security Securely orchestrate, scale, and manage your microservices in Kubernetes deployments

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216503

Length 330 pages

Edition 1st Edition

Languages

C++

Tools

Kubernetes

Concepts

Cloud Security

Authors (2):

Pranjal Jumde

Kaizhe Huang

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Introduction to Kubernetes

2. Chapter 1: Kubernetes Architecture FREE CHAPTER

3. Chapter 2: Kubernetes Networking

4. Chapter 3: Threat Modeling

5. Chapter 4: Applying the Principle of Least Privilege in Kubernetes

6. Chapter 5: Configuring Kubernetes Security Boundaries

7. Section 2: Securing Kubernetes Deployments and Clusters

8. Chapter 6: Securing Cluster Components

9. Chapter 7: Authentication, Authorization, and Admission Control

10. Chapter 8: Securing Kubernetes Pods

11. Chapter 9: Image Scanning in DevOps Pipelines

12. Chapter 10: Real-Time Monitoring and Resource Management of a Kubernetes Cluster

13. Chapter 11: Defense in Depth

14. Section 3: Learning from Mistakes and Pitfalls

15. Chapter 12: Analyzing and Detecting Crypto-Mining Attacks

16. Chapter 13: Learning from Kubernetes CVEs

17. Assessments

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Chapter 13: Learning from Kubernetes CVEs

Common Vulnerabilities and Exposures (CVEs) are identifications for publicly known security vulnerabilities and exposures that are found in popular applications. The CVE ID is made up of the CVE string followed by the year and the ID number for the vulnerability. The CVE database is publicly available and is maintained by the MITRE Corporation. The CVE entries include a brief description of each issue, which is helpful to understand the root cause and severity of the issue. These entries do not include technical details about the issue. CVEs are useful for IT professionals to coordinate and prioritize updates. Each CVE has a severity associated with it. MITRE uses a Common Vulnerability Scoring System (CVSS) to assign a severity rating to a CVE. It is recommended to patch high-severity CVEs immediately. Let's look at an example of a CVE entry on cve.mitre.org.

As you can see in the following screenshot, a CVE entry includes the ID...