Kubernetes Security Report

In this report - which is based on our scans of over 200,000 cloud accounts - we dive into the state of Kubernetes security, providing statistics that shed light on the prevalence of threats in Kubernetes environments and uncovering risks that often go unnoticed. Our research team surveys the data to answer questions like:

• How many clusters have passed their End of Support days?

• How common are critical vulnerabilities in publicly-exposed containers?

• What are the numbers for new Pod Security
  Standards adoption?

But we don't stop there. Rather than listing statistics in an ad-hoc fashion, we quantify the risks by attributing them to the stages of the full attack path - from initial access to impact. We also provide a series of statistics on security controls and mitigations. Overall, our analysis enables us to examine the weakest links in cloud environments and devise the best ways to defend against attacks. We dub this defense approach The Zone Defense (a basketball metaphor) and present our final recommendations in the executive summary.