Kubernetes Security Assessment

Master Thesis

Home
Plan
Documentation
Downloads
Contact

Home

Student Name: Pavel Semenov

Study Programme: Applied Computer Science

Primary language: English

Secondary language: Slovak

Supervisor: RNDr. Richard Ostertág, PhD.

Abstract: Kubernetes has been gaining popularity rapidly in recent years as more and more enterprise solutions are subjected to cloud transformation and more companies are looking for the ways to increase development efficiency and reduce development costs. This brings new concerns from clients and stakeholders about the security of Kubernetes and its exposure to cyber-attacks. This thesis studies, compares and evaluates the state-of-the-art tools designed to discover vulnerabilities concerning the cluster configuration files, running pods or cluster itself. Assessment is carried out in both local cluster setup predisposed with multiple vulnerabilities and real-world enterprise cloud infrastructure. Based on the assessment results we intend either to improve one of the existing tools or develop a Kubernetes security framework of our own, which will be able to provide better results in addressing the cluster security.