- Software supply chain used to build container images, including base images and image components
- Deployed and running containerized workloads made up of individual pods
- Infrastructure components needed to run Kubernetes clusters, including its control plane and worker nodes
To understand how to secure cloud-native apps, it’s important to protect the underlying Kubernetes environment and its relevant attack surface, which consists of three main areas:
- Software supply chain
- Deployed and running workloads/containers
- Kubernetes infrastructure
This whitepaper uses these categories as a framework to describe key security concepts around securing Kubernetes apps and infrastructure.