Report: Some Enterprises Aren't Securing their Kubernetes Dashboards

by Developer.com Staff

Three hundred container orchestration dashboards running on cloud computing services didn't require any authentication for access.

Security vendor Lacework is releasing a new report on the need for enterprises to better secure their container orchestration dashboards. The company found 21,160 publicly facing container orchestration dashboards on cloud computing services, and of those, 300 didn't require a login or password to access. Seventy-six percent of the dashboards discovered were based on Kubernetes, while 19 percent were Docker Swarm deployments. And 95 percent of the vulnerable dashboards were running on Amazon Web Services (AWS).

Other security experts have also raised warnings about the need to secure container orchestration platforms. Security firm RedLock previously revealed that automaker Tesla had an open Kubernetes cluster that cybercriminals were using to mine cryptocurrency.

View article

This article was originally published on Tuesday Jun 19th 2018
Mobile Site | Full Site