Member-only story
Kubernetes Security : Supply chain Vulnerabilities
Introduction
In a recent post on my blog, I went through some of the fundamentals of Kubernetes, including why it is necessary and what aspects of it are crucial. On the other hand, if you are interested in having a look, please click on the link that has been provided below:
https://gupta-bless.medium.com/kubernetes-security-insecure-workload-configurations-a57d9649c876.
Microservices are now typically run utilising containers and images. Whenever the devops is going to build an image and then deploy it in the production, they have to follow the processes of SDLC such as Acquire, Build, Deliver, Deploy, Run and Maintain. If the recommended security procedures are not followed at each stage, any stage could be compromised. Even a single image could be using a lot of third party dependencies that makes it very tough for devops to keep it secure and maintain those. There are a few difficulties, but the Supply Chain Vulnerability in Kubernetes is the topic that will be covered in this blog post.
What is a Supply Chain attack?
In order to produce a product, Supply Chain is all about determining how this source code is created and saved into the artefacts, as well as where these artefacts keep the data. An example of this would be in…
