Lateral movement

Controller creating pods without Security Context

  • N/A

Compliance Frameworks


A security context defines the operating system security settings (uid, gid, capabilities, SELinux role, etc..) applied to a container. There are two levels of security context: pod level security context, and container level security context. Orca has detected that the {K8sController} controller creates pods without the SecurityContext property.