Vendor services misconfigurations

EKS Node with public IP address

Platform(s)
Compliance Frameworks
  • CCPA
  • CPRA
  • EKS CIS
  • ISO 27701
  • iso_27001_2022
  • iso_27002_2022
  • mpa
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-190
  • NIST 800-53
  • PDPA
  • UK Cyber Essentials

Description

Orca has detected that the EKS node {K8sNode} has a public IP address. Disabling public IP addresses on cluster nodes restricts access to only internal networks, forcing attackers to obtain local network access before attempting to compromise the underlying Kubernetes hosts.
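
One way to check a cluster for this condition, as an added example that is not Orca's detection logic: the script reads JSON in the shape of `kubectl get nodes -o json` and lists the nodes that report an `ExternalIP` address, grouped by the `eks.amazonaws.com/nodegroup` label. The node names, addresses and group names in the sample are constructed.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `kubectl get nodes -o json` (not real data).
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "node-a", "labels": {"eks.amazonaws.com/nodegroup": "web"}},
   "status": {"addresses": [
     {"type": "InternalIP", "address": "10.0.1.23"},
     {"type": "ExternalIP", "address": "203.0.113.10"}]}},
  {"metadata": {"name": "node-b", "labels": {"eks.amazonaws.com/nodegroup": "web"}},
   "status": {"addresses": [
     {"type": "InternalIP", "address": "10.0.2.40"},
     {"type": "ExternalIP", "address": "203.0.113.11"}]}},
  {"metadata": {"name": "node-c", "labels": {"eks.amazonaws.com/nodegroup": "batch"}},
   "status": {"addresses": [
     {"type": "InternalIP", "address": "10.0.3.7"}]}},
  {"metadata": {"name": "node-d"}, "status": {}}
]}
""")

NODEGROUP_LABEL = "eks.amazonaws.com/nodegroup"  # set by EKS managed node groups


def nodes_with_public_ip(node_list):
    """Return {node name: [ExternalIP addresses]} for nodes that report any."""
    findings = {}
    for node in node_list.get("items", []):
        addresses = node.get("status", {}).get("addresses") or []
        external = [a["address"] for a in addresses if a.get("type") == "ExternalIP"]
        if external:
            findings[node["metadata"]["name"]] = external
    return findings


def affected_nodegroups(node_list):
    """Group affected node names by node group so the fix can target the group."""
    flagged = nodes_with_public_ip(node_list)
    groups = defaultdict(list)
    for node in node_list.get("items", []):
        meta = node["metadata"]
        if meta["name"] in flagged:
            groups[meta.get("labels", {}).get(NODEGROUP_LABEL, "<unlabelled>")].append(meta["name"])
    return dict(groups)


if __name__ == "__main__":
    for name, ips in nodes_with_public_ip(SAMPLE).items():
        print(f"{name}: {', '.join(ips)}")
    print(affected_nodegroups(SAMPLE))
```
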