NSA on How to Harden Kubernetes

The NSA, yes, the National Security Agency, has two jobs. The one you know about from many spy movies and the like is to eavesdrop on communications outside the United States. The other half of their job, though, is less well known: protecting communications from other would-be snoopers. So it is that the NSA made the original secure Linux (SELinux); has written guidelines on how to secure video conferencing, text chatting, and collaboration tools; and now explains how to harden Kubernetes against attackers.

This isn’t the first time the NSA has helped us to secure Kubernetes. Their new Kubernetes Hardening Guide has been updated and is more useful today. For instance, the NCC Group saw that the first version’s information about Kubernetes authentication was “largely incorrect” because it claimed Kubernetes doesn’t provide an authentication method by default. NCC Group noted, though, that Kubernetes supports both token and certificate authentication natively.

