Kubernetes Pod Security
Pods are where containers are run and represent the most common point of security breaches.
Pods are the atomic unit of scheduling in Kubernetes and are the “workloads” responsible for running one or more containers. Those containers are where the applications themselves run. Most of the security controls available to pods are not enabled by default, which can result in users taking over nodes in the cluster by granting themselves too many privileges. Pod Security Standards are a collection of practices that carefully control and restrict these privileges, organized into profiles that cover the known fields of privilege escalation. Nirmata provides these Standards as pre-built, tested, and validated Kyverno Kubernetes pod security policies, which can be dropped in and activated quickly and easily.
Nirmata provides a holistic platform for managing the security of Kubernetes environments, in which Kubernetes Pods form a central pillar. The Pod Security Standard policies are woven into the Nirmata platform and become first-class citizens, which means ease of deployment through to insights.