Skip to main content

Kubernetes Security Posture Management (KSPM) - Bitdefender TechZone

Abstract

Identify and mitigate risks in your K8s clusters. Bitdefender KSPM provides you with detailed risk details and remediation actions to minimize your organization's attack surface.

Kubernetes is an open-source system for managing and automating container workloads in the cloud and on-prem. It orchestrates containerized applications by automatically handling deployment, scaling, load balancing, and self-healing.

Complex Kubernetes configuration can lead to misconfigurations, such as over-permissive Role-Based Access Control (RBAC) settings, which grant a low-privilege ServiceAccount the ability to create tokens for other ServiceAccounts. This specific misconfiguration can be exploited by an attacker for privilege escalation and persistent access to the cluster, maintaining a foothold even after the initially compromised user account is revoked.

Kubernetes Security Posture Management (KSPM) allows you to identify and remediate misconfigurations within your Kubernetes (K8s) environment, and it is included in the Bitdefender CSPM+ license.

Integration

To start the integration, download the Kubernetes Cluster Agent (Helm chart package) from GravityZone > Network > Installation Packages, and install it on your K8s clusters.

Kubernetes Cluster Agent installation packages

Detailed information about the integration can be found at our Bitdefender Support Center here.

Resources and Findings

Your K8s clusters will be automatically scanned once every 24 hours. The results are presented in the Risk Management section in  Findings and Resources sections. Both sections provide a comprehensive view of all detected risks, offering key data points for effective prioritization and remediation. This includes Risk score, Cluster and Resource name, and Mitigation type.

Risk Management Findings

Bitdefender Risk Management Findings page.

This collected risk data is calculated and reflected in the Company state widget in the Risk Management dashboard, which represents the overall risk level your organization faces.

Remediations

For all findings related to Kubernetes misconfiguration, you have access to detailed Manual Remediations. This dedicated Risk Mitigation section provides you with clear, step-by-step guidance on how to resolve misconfiguration issues with your K8s environment.

Risk Mitigation Manual Action

Detailed view of selected finding with remediation instruction.

Recommended Content

o learn more about the technologies included in the Prevention layer, we recommend reading the next article Full Disk Encryption.

More Resources

For comprehensive insights into Risk Management, we invite you to watch our masterclasses here.

For comprehensive insights into Securing Kubernetes Environments with GravityZone, we invite you to watch our masterclasses here.