Kubernetes node’s kubelet streaming-connection-idle-timeout is set 0
The kubelet reads various parameters, including security settings, from a config file. Setting idle timeouts ensures that you are protected...
All articles by Orca Security
Kubernetes node’s kubelet protect-kernel-defaults is set false
The kubelet reads various parameters, including security settings, from a config file. Kernel parameters are usually tuned and hardened by...
Ensure auditing is configured for Docker files and directories – /etc/docker/daemon.json (Automated)
As well as auditing the normal Linux file system and system calls, you should also audit all Docker related files...
VMware Virtual Machine with host information feature enabled
A VMware virtual machine is a software-based emulation of a physical computer. By enabling a VM to get detailed information...
Kubernetes node’s kubelet make-iptables-util-chains is set false
The kubelet reads various parameters, including security settings, from a config file. Kubelets can automatically manage the required changes to...
Kubernetes node’s kubelet eventRecordQPS is greater than 5
The kubelet reads various parameters, including security settings, from a config file. The --eventRecordQPS flag on the Kubelet can be...
SSL/TLS Certificate is Vulnerable to Heartbleed
Ensure that none of the server certificates managed by AWS IAM were compromised by the Heartbleed bug, meaning that none...
DynamoDB table auto scaling is disabled
Amazon DynamoDB auto scaling uses the AWS Application Auto Scaling service to dynamically alter provisioned throughput capacity, instead of the...
Amazon EC2 instances launched using Auto Scaling group launch configurations should not have public IP addresses
Auto Scaling group is a logical grouping of instances for the purposes of automatic scaling and management. Amazon EC2 instances...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.