Network intrusion prevention
Info
ID: MS-M9007
MITRE mitigation: M1031
Use intrusion detection signatures and a web application firewall to block traffic at network boundaries to pods and services in a Kubernetes cluster.
The network intrusion prevention solution might need to be adapted to the Kubernetes environment so that network traffic destined for services is routed through it. In some cases, this is done by deploying a containerized version of the solution into the Kubernetes cluster, where it becomes part of the cluster network. In other cases, ingress traffic to Kubernetes services is routed through an external appliance, which requires that all ingress traffic come only from that appliance.
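One way to enforce the external-appliance requirement described above, as an added example that is not part of the original page: a default-deny policy plus a NetworkPolicy that admits ingress only from the appliance. The namespace, labels, port and the 192.0.2.10 address are assumptions chosen for illustration.

```yaml
# Added example: names, labels, namespace, port and the appliance address
# are assumptions, not values from the page.
# 1) Default deny: pods in the namespace accept no ingress unless another
#    policy explicitly allows it.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
  namespace: web                  # hypothetical namespace
spec:
  podSelector: {}                 # empty selector = every pod in the namespace
  policyTypes:
    - Ingress
---
# 2) Allow only the external IPS/WAF appliance to reach the application pods.
#    NetworkPolicies are additive, so any other policy selecting these pods
#    must not admit external sources, or traffic can bypass the appliance.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-ingress-from-ips
  namespace: web
spec:
  podSelector:
    matchLabels:
      app: storefront             # hypothetical application label
  policyTypes:
    - Ingress
  ingress:
    - from:
        - ipBlock:
            cidr: 192.0.2.10/32   # constructed appliance address (documentation range)
      ports:
        - protocol: TCP
          port: 8443              # hypothetical application port
```

NetworkPolicy is enforced only when the cluster's network plugin supports it, and the `ipBlock` match depends on the appliance's source address reaching the pod unchanged. If a LoadBalancer or NodePort path rewrites the source IP, the rule will not match as intended.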
Techniques Addressed by Mitigation
ID | Name | Use |
---|---|---|
MS-TA9004 | Application vulnerability | Use network intrusion prevention to block exploitation of vulnerabilities. |