Cluster internal networking

Info

ID: MS-TA9034
Tactic: Lateral Movement
MITRE technique: T1210

By default, Kubernetes networking allows traffic between all pods in the cluster. An attacker who gains access to a single container can therefore use it to reach other containers in the cluster over the network.

Mitigations

| ID | Mitigation | Description |
|---|---|---|
| MS-M9014 | Network Segmentation | Provision pod network policies to restrict the traffic between pods |
| MS-M9005 | Image Assurance Policy | Avoid deployment of vulnerable applications to the cluster |
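The following is an added example of the Network Segmentation mitigation (MS-M9014), not part of the threat matrix entry itself: a default-deny NetworkPolicy for one namespace, paired with an explicit allow rule so only the intended pod-to-pod path stays open. The namespace `payments`, the `app: frontend` / `app: api` labels and port 8080 are assumed for illustration.

```yaml
# Added example (not from the threat matrix page). Namespace "payments",
# the app labels and port 8080 are assumed values for illustration.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: payments
spec:
  # An empty podSelector selects every pod in the namespace.
  podSelector: {}
  # Listing both types with no rules denies all ingress and egress for the
  # selected pods, except traffic explicitly allowed by another policy.
  policyTypes:
    - Ingress
    - Egress
---
# Re-open only the expected path: frontend pods may reach api pods on TCP 8080.
# A compromised pod without the frontend label gets no route to the api pods.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-api
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: api
  policyTypes:
    - Ingress
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app: frontend
      ports:
        - protocol: TCP
          port: 8080
```

Denying egress also blocks DNS, so a companion egress policy permitting port 53 to the cluster DNS pods is normally required. NetworkPolicy objects are accepted by the API server regardless, but are only enforced when the cluster's CNI plugin supports them, so verify enforcement rather than assuming it.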