You're reading from Learning Kubernetes Security A practical guide for secure and scalable containerized environments

Product type Paperback

Published in Jun 2025

Publisher Packt

ISBN-13 9781835886380

Length 390 pages

Edition 2nd Edition

Concepts

Cloud Security

Author (1):

Raul Lapaz

View More author details

Table of Contents (18) Chapters

Preface

1. Kubernetes Architecture FREE CHAPTER

2. Kubernetes Networking

3. Threat Modeling

4. Applying the Principle of Least Privilege in Kubernetes

5. Configuring Kubernetes Security Boundaries

6. Securing Cluster Components

7. Authentication, Authorization, and Admission Control

8. Securing Pods

9. Shift Left (Scanning, SBOM, and CI/CD)

10. Real-Time Monitoring and Observability

11. Security Monitoring and Log Analysis

12. Defense in Depth

13. Kubernetes Vulnerabilities and Container Escapes

14. Third-Party Plugins for Securing Kubernetes

15. Other Books You May Enjoy

Stay relevant in a rapidly changing cybersecurity world – join 65,000+ SecPro subscribers

16. Index

Download a Free PDF Copy of This Book

Appendix: Enhancements in Kubernetes 1.30–1.33

Kubernetes entities as security boundaries

In a Kubernetes cluster, the Kubernetes entities (objects and components) you interact with have their own built-in security boundaries. The security boundaries are derived from the design or implementation of the entities. It is important to understand the security boundaries built within or around these Kubernetes entities:

Containers: Containers are a basic component within a Kubernetes cluster. A container provides minimal isolation to the application using cgroups, Linux namespaces, AppArmor profiles, and a seccomp profile to the application running within the container.
Pods: A Pod is a collection of one or more containers. Pods isolate more resources compared to containers, such as a network and IPC. Features such as SecurityContext and NetworkPolicies work at the Pod level to ensure a higher level of isolation.
Nodes: Nodes in Kubernetes are also a security boundary. Pods can be specified to run on specific...

The rest of the chapter is locked

Tech Concepts

Programming languages

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

You're reading from Learning Kubernetes Security A practical guide for secure and scalable containerized environments

Table of Contents (18) Chapters

Kubernetes entities as security boundaries

Authors (1)

Personalised recommendations for you

You're reading from Learning Kubernetes Security A practical guide for secure and scalable containerized environments

Table of Contents (18) Chapters

Kubernetes entities as security boundaries

Authors (1)

Personalised recommendations for you

Create a Free Account To Continue Reading

Sign in to activate your 7-day free access