Перейти к основному содержанию
AkademIndex

Продукты

Для разработчиков

AkademBaseОткрытый API экосистемы
Статья

KUBERNETES IN CYBERSECURITY: ARCHITECTURE, VULNERABILITIES, AND DEFENSE-IN-DEPTH HARDENING FRAMEWORKS

Bozorov SuhrobjonDepartment of Cryptology, TUIT named after Muhammad al-Khwarizmi
ABI

Аннотация

As cloud-native computing establishes itself as the operational backbone of modern enterprises, Kubernetes (K8s) has emerged as the unchallenged industry standard for container orchestration. However, its complex architectural framework and extensive API interface expose an expanded attack surface, making it a critical focus in cybersecurity research. This paper presents a systematic review of Kubernetes in cybersecurity, focusing on vulnerabilities, real-world incident statistics, and defensive strategies published between 2020 and 2025. We explore structural components—including the control plane, worker nodes, and the API gateway—and evaluate how minor misconfigurations propagate into full cluster compromises via chained escape attacks. This study contrasts native Role-Based Access Control (RBAC) with emerging fine-grained mitigation frameworks like KubeFence, automated scheduling constraints, and policy-as-code engines. Finally, empirical security statistics from recent threat reports are analyzed to deliver a structured, defense-in-depth matrix essential for cloud security architects safeguarding multi-tenant containerized environments.

Перевод пока недоступен

Темы

Идентификаторы

Цитирования и источники

Цитирований: 0Использованных источников: 0