Kubernetes threat actors are growing more sophisticated, and are beginning to target excessive permissions and Role-Based Access Control (RBAC) misconfigurations. To understand the real-world impact of excessive permissions, Prisma Cloud researchers analyzed popular Kubernetes platforms - distributions, managed services, and common add-ons - to identify widespread infrastructure components that run with powerful permissions. In 62.5% of the Kubernetes platforms reviewed, privileged credentials were distributed across every node in the cluster. As a result, in half of the platforms examined, a single container escape was enough to take over the entire cluster.
Get your copy of the whitepaper to learn about:
- Privilege escalation attacks in Kubernetes.
- The real blast radius of container escapes.
- How to evaluate and strengthen your RBAC posture.
- A newly released open-source tool that can identify risky permissions and privilege escalation paths in your clusters.
