A security vulnerability was recently uncovered that allowed for attackers to perform a cross-account container takeover in Microsoft’s public cloud… hence the name ‘Azurescape.’
This is actually extremely relevant to a webinar we hosted on best practices to secure your Kubernetes cluster. Check it out here.
It was found that this issue exists in Azure Container Instances (ACI), where part of the infrastructure that houses these ACI’s also contains multi-tenant Kubernetes clusters. Since these clusters are being shared by other users, a cyberattacker could theoretically also gain full control of the other users’ clusters and cause damage.
Is this something you were aware of? Have you taken any steps to sure up your defenses?
Let’s get the discussion started below. I’m sure our resident Kubernetes expert @magnologan has some thoughts on this