- Software supply chain used to build container images, including base images and image components
- Deployed and running containerized workloads made up of individual pods
- Infrastructure components needed to run Kubernetes clusters, including its control plane and worker nodes
To understand the essentials of cloud native application security, it’s important to protect the underlying Kubernetes environment and its relevant attack surface, which consists of three main areas:
- Software supply chain
- Deployed and running workloads/containers
- Kubernetes infrastructure
This whitepaper uses these categories as a framework to describe key security concepts around securing Kubernetes apps and infrastructure.