The National Security Agency (NSA) partnered with the Cybersecurity and Infrastructure Security Agency (CISA) to provide guidance on Kubernetes, an open-source automation system used for containerized applications.
The agencies' Kubernetes Hardening Guidance report tackles threats to Kubernetes and offers risk reduction practices, NSA said Tuesday. Cyber attackers target Kubernetes environments to steal data and computational power or disrupt applications.
The report advises organizations to scan containers for vulnerabilities, separate networks and apply defensive measures such as strong authentication and firewalls.
The agencies also recommend that system administrators periodically review Kubernetes settings and inspect for vulnerabilities. The new guidance aligns with NSA's mission to protect national security systems and the defense industrial base.