Kubernetes Application Security and Serverless Platforms

Many people are unfamiliar with what "serverless" actually means, and understanding it is necessary to grasp the weight of the forecasts in this article. A serverless computing framework abstracts applications at a much higher level than before in order to provide portability, better resource utilization and cost benefits. Ideally, once developers have checked in code, the serverless framework takes control of the whole pipeline, from build to ship to run, so that users can scale and manage applications with little effort. Compared with the existing container frameworks, serverless pushes abstraction considerably further: it automates, and responds to, everything needed to run these services. All of this matters for the rapid evolution of cybersecurity and technology over the next four years. Many of the forecasts that follow also revolve around the role of Kubernetes, the open-source container orchestration system that automates application deployment, scaling and management.

The first major container runtime breach may be seen in 2021. According to Josh Stella (CEO of Fugue), 2021 will be the year of the first significant data breach in which a container runtime misconfiguration is exploited. He has also stated that adoption of container technologies such as Kubernetes is far outpacing the common understanding of the part runtime configuration plays in the security of data.

In the coming years, Kubernetes will be a target for cyber attackers. According to many cybersecurity research journals, attackers will focus more closely on breaching Kubernetes deployments and will make their attempts against Kubernetes environments more sophisticated. There were some breaches of unprotected Kubernetes clusters in 2020, but most of them were caused by bad actors taking advantage of common security oversights. Even though sophisticated attacks have not been observed yet, they will occur more often in the coming years because of the widespread use of Kubernetes.

Even though the number of on-prem K8s distributions has increased in recent years, it is possible that more organizations will gravitate to cloud-based Kubernetes offerings and consolidate their platforms as well.

The frequency of software supply chain attacks has also increased. In 2020 attackers launched a large number of orchestrated attacks on the software supply chain, targeting the build features of Docker Hub, GitHub, CircleCI and others. According to various research teams, in the coming years attackers' objectives will become more sinister than cryptocurrency mining, and the techniques they use will expand significantly.

Infrastructure as Code (IaC) will be the target of new threats. As DevOps moves more broadly to IaC to automate the provisioning of cloud-native platforms, it is only a matter of time before weaknesses in these processes are exploited. The use of many different template types leaves an opening for attackers to embed deployment automation for their own components; when such templates are executed, they may allow the attackers to manipulate the cloud infrastructure of their targets.

CISOs who fail to understand the importance of security transformation to a successful digital transformation effort, and who resist it, will find themselves largely irrelevant in the modern digital enterprise, relegated to managing employee education programs. The key to security transformation, and to renewed CISO relevance, is a focus on empowering the organization to innovate faster than the competition rather than on acting as gatekeeper to innovation.

In many organizations, DevOps and DevSecOps will evolve into "platform teams". These platform teams will take the lead on enterprise strategy for what has historically been the purview of cloud operations, security and development tooling, providing a higher-level abstraction to application developers. This frees developers to focus on the business application itself, with less concern for the underlying infrastructure that DevOps-oriented teams have had to manage. Finding the talent able to take this broader architectural view will be a challenge.

Service mesh vendor consolidation will begin. Organizations have been early adopters of service mesh technologies to automate and standardize functionality that would otherwise have to be implemented in application code. While service meshes are particularly helpful for things like observability and secure connections between components, most would agree that there are now too many solutions in use. Organizations will rationalize their service mesh implementations, choosing those that give them what they need and perform well with a minimum of complexity.
