Understanding Kubernetes Identities Part 2: Escalation Paths
In Kubernetes, understanding identity escalation paths is crucial for managing security risks effectively. This blog post delves into defining highly privileged identities and exploring potential privilege escalation paths using highly privileged permissions. Definition of a Highly Privileged Identity in Kubernetes In Kubernetes, a highly privileged identity refers to entities such as users or service accounts […]
Proactively Secure Your Kubernetes With Upwind’s Vulnerability Management
Upwind’s runtime vulnerability management leverages real-time, runtime insights and correlates them with CI/CD and DevOps context, giving you end-to-end visibility and protection for Kubernetes and associated workloads. Upwind’s vulnerability management intelligently prioritizes your most critical vulnerabilities based on real environmental factors, cutting out around 95% of alert noise to focus on the risks that pose […]
Understanding Kubernetes Identities, Part 1
When it comes to Kubernetes, managing identities is pivotal for ensuring secure and efficient cluster operations. These identities can be human users or machines, each requiring specific permissions to perform their tasks. In our latest research, we have explored what Kubernetes identities are, the default identities, the permissions they can have, how to configure these […]
Detect Exposed Kubernetes Dashboards
We are excited to announce a new threat detection, with the ability to identify an exposed Kubernetes Dashboard. This threat detection will inform you when the Kubernetes dashboard for your cluster is exposed to the internet by a Load Balancer. Exposing your dashboard to the internet makes the management interface of your cluster vulnerable to […]
Streamline Container Runtime Security with CRI-O Support
We are excited to announce support for CRI-O (Container Runtime Interface – Orchestrator). CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI) to enable using Open Container Initiative (OCI) compatible runtimes, making integration between Kubernetes and container runtimes lightweight & seamless. Upwind’s eBPF sensor will now support CRI-O users, in addition to our […]
Ensure Seamless Hybrid-Cloud Security with Support for OpenShift Container Platform
We are excited to introduce support for Red Hat OpenShift in the Cloud or On-Premises. Runtime Security for Red Hat OpenShift Red Hat OpenShift Container Platform is a hybrid-cloud PaaS built around Linux containers, orchestrated and managed by Kubernetes with a Red Hat Enterprise Linux foundation. With this new capability, you can now seamlessly protect […]
How to Secure Kubernetes (on the) Right
A detailed look at why runtime insights are needed to secure Kubernetes.