The NSA and CISA have posted a minor update to the Kubernetes Hardening Guidance. The updated document can be accessed at NSA.

August 3, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) and have released Kubernetes Hardening Guidance, a cybersecurity technical report detailing the complexities of securely managing Kubernetes – an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized applications. This report describes the security challenges associated with setting up and securing a Kubernetes cluster, and presents hardening strategies to guide system administrators in avoiding common misconfigurations. Access the report at the NSA or below.