Lateral movement

Controller creating pods without Security Context

Platform(s)

  • N/A

Compliance Frameworks

Description

A security context defines the operating system security settings (uid, gid, capabilities, SELinux role, etc..) applied to a container. There are two levels of security context: pod level security context, and container level security context. Orca has detected that the {K8sController} controller creates pods without the SecurityContext property.
Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.