GKE Nodepool creating nodes without Secure Boot

Vendor services misconfigurations

GKE Nodepool creating nodes without Secure Boot

Platform(s)

Compliance Frameworks

CCPA
CPRA
GKE CIS
iso_27001_2022
iso_27002_2022
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails in order to prevent an attacker that seeks to alter boot components to persist malware or root kits during system initialisation. It was detected that {GcpGkeCluster.NodePools} does not use Secure Boot feature for it's nodes.

Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

GKE Nodepool creating nodes without Secure Boot

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS