In a previous blog, we discussed how a malicious actor can exploit CVE-2020-8554 to bypass Kubernetes' RBAC isolation and conduct a man-in-the-middle attack. We demonstrated the network connections between the victim and the attacker. In this blog, we show how NeuVector protects your applications against this Kubernetes vulnerability.
NeuVector provides enterprise-grade security solutions for new cloud infrastructures, including platforms like containers, Kubernetes, serverless, and more. New platforms generate new security risks. Let’s look at the unique challenges of data protection in Kubernetes production environments, including SOC2 compliance.
This year, a new vulnerability, CVE-2020-8554, was reported, and it affects all Kubernetes versions. The vulnerability enables an attacker to take advantage of Kubernetes' built-in service definition with a less often used option, externalIPs, to initiate a man-in-the-middle (MitM) attack. Conceptually, this MitM is not new at all; it's one of the most popular network attacks in traditional network environments. It’s not surprising that hackers apply their old tricks to the container/Kubernetes world.
Container DLP capabilities protect sensitive PII and PCI data in container networks across multi-cloud and hybrid cloud environments

San Francisco, CA – March 1, 2019 – NeuVector, the leader in container network security, today announced significant new enhancements in NeuVector 3.0 – a new version of the platform trusted to deliver highly-integrated, automated, and network-aware container security for production Kubernetes …