Detections
Analytics

CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master

Audit Details

Name: CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.5

Estimated Item Count: 13

File Details

Filename: CIS_Kubernetes_v1.23_v1.0.1_Level_2_Master.audit

Size: 46 kB

MD5: 26f27197123945f887d7fac6ddd1d7d2
SHA256: 6c9b7fe782c1296401d60a2b795a7f162998fd8c174435fd55e18941a496c879

Audit Changelog

 
Revision 1.5

Jun 17, 2024

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Apr 12, 2023

Functional Update
  • 1.3.6 Ensure that the RotateKubeletServerCertificate argument is set to true
  • 2.7 Ensure that a unique Certificate Authority is used for etcd
  • 3.2.2 Ensure that the audit policy covers key security concerns
  • 5.2.10 Minimize the admission of containers with capabilities assigned
  • 5.2.7 Minimize the admission of root containers
  • 5.3.2 Ensure that all Namespaces have Network Policies defined
  • 5.4.1 Prefer using secrets as files over secrets as environment variables
  • 5.4.2 Consider external secret storage
  • 5.5.1 Configure Image Provenance using ImagePolicyWebhook admission controller
  • 5.7.2 Ensure that the seccomp profile is set to docker/default in your pod definitions
  • 5.7.3 Apply Security Context to Your Pods and Containers
  • 5.7.4 The default namespace should not be used
Informational Update
  • 3.2.2 Ensure that the audit policy covers key security concerns
Miscellaneous
  • Metadata updated.
  • Platform check updated.
Removed
  • CIS_Kubernetes_v1.23_v1.0.1_Level_2_Master.audit from CIS Kubernetes v1.23 Benchmark v1.0.1
Revision 1.3

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.1

Dec 7, 2022

Miscellaneous
  • Metadata updated.