13 docs tagged with "best-practice"

How to prevent pods from accessing cloud provider metadata services (IMDS) and stealing IAM credentials in Kubernetes.

Learn strategies to mitigate Distributed Denial-of-Service (DDoS) attacks in Kubernetes clusters.

Protect CoreDNS from spoofing, cache poisoning, DNS tunneling, and unauthorized modifications to enhance Kubernetes cluster security.

Restrict and monitor outbound traffic from Kubernetes workloads to prevent data exfiltration, command-and-control communication, and unauthorized external access.

Best practices to prevent the exposure of sensitive data in Kubernetes through secure secrets management techniques and external secret stores.

Overview of Kubernetes Kubelet security covering authentication, authorization, TLS, resource limits, and hardening best practices.

Explore how Network Policies in Kubernetes control traffic flow and enhance security.

Learn how Kubernetes Pod Security Standards (PSS) enforce security controls for workloads and replace the deprecated Pod Security Policies (PSP).

How to control ephemeral container and kubectl debug access through RBAC, Pod Security Standards, and admission control in Kubernetes.

How to disable kubelet anonymous authentication, configure certificate-based authentication, and implement proper authorization to protect Kubernetes nodes.

How to protect Kubernetes PersistentVolumes from unauthorized access, data exposure, and cross-namespace attacks through proper configuration and RBAC.

Best practices for protecting the Kubernetes API server against unauthorized access and exploitation.

Improve Kubernetes security by implementing mutual TLS (mTLS), zero-trust networking, and policy-based access control using service meshes like Istio, Linkerd, and Cilium.