Controller creating pods without Security Context

Lateral movement

Controller creating pods without Security Context

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AKS CIS
EKS CIS
GKE CIS
K8s CIS

Description

A security context defines the operating system security settings (uid, gid, capabilities, SELinux role, etc..) applied to a container. There are two levels of security context: pod level security context, and container level security context. Orca has detected that the {K8sController} controller creates pods without the SecurityContext property.

Recommended Mitigation

Consider Applying Security Context attributes to {K8sController}

Controller creating pods without Security Context

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS