Posts

Showing posts from August, 2020

Security Docs

As a CNC Security SPOC, we should be aware of the documents which help in understanding the threat landscape for the CNC product portfolio. These documents include:

- Documents which help to understand the threat landscape presented by Cloud Native Environments. Topics include security best practices and common threats associated with the CNC technologies: Kubernetes, containers, microservices, containerized software delivery, infrastructure security, network security, MySQL, etc.
- Documents which help to understand the threat landscape presented by 5G Core Networks. Topics include security best practices and recognized 5G threats.

Key: CNE, MySQL, 5G, Infrastructure

| Date | Author | Document | Abstract | Keywords |
|---|---|---|---|---|
| 01 Apr 2019 | Oracle | Oracle Linux 7 Security Guide | The Oracle Linux 7 Security Guide provides a broad set of security guidelines for the Oracle Linux 7 operating system. The document details procedures, tools, and best practices for securing an OL7 base... | |

CIS Benchmark Kubernetes - PodSecurityPolicies

CIS Benchmark Kubernetes - PSP

The CIS document provides prescriptive guidance for establishing a secure configuration posture for Kubernetes. Pod Security Policies (PSP) enable fine-grained authorization of pod creation and updates. In this article, we'll review the CIS benchmark items for Pod Security Policies and provide implementation details on how to enforce them on a Kubernetes cluster. Let us first review the CIS benchmark guidance for Pod Security Policies.

CIS Benchmark Overview

The following items are checked for this benchmark section:

1.7 PodSecurityPolicies
- 1.7.1 Do not admit privileged containers
- 1.7.2 Do not admit containers wishing to share the host process ID namespace
- 1.7.3 Do not admit containers wishing to share the host IPC namespace
- 1.7.4 Do not admit containers wishing to share the host network namespace
- 1.7.5 Do not admit containers with allowPrivilegeEscalation
- 1.7.6 Do not admit root containers...