CIS Kubernetes Benchmark
Profile Applicability: Level 1 Description: This check ensures that the ability to create pods is restricted to only trusted users and service accou...
Mon, 12 May, 2025 at 4:30 AM
Profile Applicability: Level 1 Description: The proxy sub-resource of a node in Kubernetes allows users to access node-level services via the Kuber...
Mon, 12 May, 2025 at 4:38 AM
Profile Applicability: Level 1 Description: This check ensures that the --anonymous-auth argument in the Kubernetes API server configuration is set to f...
Mon, 12 May, 2025 at 4:47 AM
Profile Applicability: Level 1 Description: This check ensures that the config.yaml file used by the kubelet has the correct file ownership set to root:...
Mon, 12 May, 2025 at 4:58 AM
Profile Applicability: Level 1 Description: Persistent Volumes (PVs) in Kubernetes are used to provision and manage storage resources that outlast t...
Mon, 12 May, 2025 at 5:06 AM
Profile Applicability: Level 1 Description: Kubernetes provides Bind, Impersonate, and Escalate permissions in RBAC (Role-Based Access Control) to a...
Mon, 12 May, 2025 at 5:16 AM
Profile Applicability: Level 1 Description: In Kubernetes, each namespace has a default service account (default), which is automatically assigned t...
Mon, 12 May, 2025 at 5:20 AM
Profile Applicability: Level 1 Description: The system:masters group in Kubernetes provides unrestricted access to the cluster, including the abilit...
Mon, 12 May, 2025 at 5:23 AM
Profile Applicability: Level 1 Description: Kubernetes automatically mounts service account tokens into containers in the form of environment variab...
Mon, 12 May, 2025 at 5:30 AM