Testing the Security of a Kubernetes Cluster in a Production Environment

Sammanfattning: Enterprise grade Kubernetes solutions which are offered by large corporations like Microsoft have become very popular in the most recent years. To protect the integrity of customer information, which resides on shared resources in the Kubernetes cloud, adequate security measures need to be in place. The requirement of staying up to date with the most recent security implementations andvulnerabilities presented in literature is analyzed. This research is conducted specifically for the company Precio-Fishbone, which sells Omnia, an application which improves the usage of Microsoft services. Because customers can alter Omnia themselves, we assume an attack model where a customer is able to add malicious code to Omnia. We show that it is possible to extract information from other customers within the same Kubernetes cluster and highlight which measures need to be taken to prevent the vulnerabilities.