https://community.isc2.org/t5/Cloud-Security/Kubernetes-exposed-to-the-internet/m-p/51129#M210 <P>This is a serious call for action. Review your K8S clusters for ingress control now!</P> Sat, 21 May 2022 14:34:00 GMT AppDefects 2022-05-21T14:34:00Z https://community.isc2.org/t5/Cloud-Security/Kubernetes-exposed-to-the-internet/m-p/51105#M209 <P>HI All</P><P>&nbsp;</P><P>Well we have been talking about it, and now the reality has been realised.</P><P>&nbsp;</P><P>Back to the Shared Responsibility Model from the cloud provider; who responsibility when we know those who do not read the documentation i.e. the client - you must not should place a gateway in front of all public access to your stack.&nbsp; A load balancer is not sufficient, a Web Application Firewall is a good idea, but remember there are many high end ports left open by default by Cloud Providers, which can provide direct insights from the internet directly.&nbsp;&nbsp; So read, read again, and check with the cloud provider and other sources to validate that you are protected or not.</P><P>&nbsp;</P><P><A href="https://www.darkreading.com/application-security/more-than-eight-in-10-kubernetes-api-servers-exposed-to-the-internet?utm_source=dlvr.it&amp;utm_medium=linkedin" target="_blank">https://www.darkreading.com/application-security/more-than-eight-in-10-kubernetes-api-servers-exposed-to-the-internet?utm_source=dlvr.it&amp;utm_medium=linkedin</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 09 Oct 2023 10:11:30 GMT https://community.isc2.org/t5/Cloud-Security/Kubernetes-exposed-to-the-internet/m-p/51105#M209 Caute_cautim 2023-10-09T10:11:30Z https://community.isc2.org/t5/Cloud-Security/Kubernetes-exposed-to-the-internet/m-p/51129#M210 <P>This is a serious call for action. Review your K8S clusters for ingress control now!</P> Sat, 21 May 2022 14:34:00 GMT https://community.isc2.org/t5/Cloud-Security/Kubernetes-exposed-to-the-internet/m-p/51129#M210 AppDefects 2022-05-21T14:34:00Z