1. Image and supply chain
- Scan images for known vulnerabilities and embedded secrets in CI and again in the registry; fail the build on findings above your agreed severity threshold.
- Use minimal, trusted base images (distroless or slim variants from a vetted source) and pin them by digest rather than by mutable tag.
- Generate an SBOM for every image you ship and use it to track, update and remove dependencies, so a newly published CVE can be mapped to affected images quickly.
2. Cluster hardening
- Scope RBAC roles and bindings to least privilege (namespace-scoped Roles over ClusterRoles, no wildcard verbs) and apply NetworkPolicies that deny ingress and egress by default, allowing only the flows a workload needs.
- Enforce the Pod Security Standards (baseline or restricted) through admission control so that non-compliant workloads are rejected at creation rather than found later.
- Secure the control plane (API server, etcd, kubelet) and protect Secrets: encrypt them at rest, restrict who can read them, and prefer an external secrets manager where possible.
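The image-pinning rule from section 1 and the restricted Pod Security Standard checks from section 2 are what an admission controller evaluates on every Pod it sees. The following is an added example, not CyberSigma's tooling or any project's code: a pure function of the kind a validating admission webhook would call, run over two constructed Pod manifests (one that should be rejected, one that should be admitted). The allowed registry name is an assumption for the example.

```python
"""Admission-style policy checks for Pod manifests (added example, not CyberSigma's code)."""
import re

# Assumption: your organisation's private registry; any other source is rejected.
ALLOWED_REGISTRIES = ("registry.example.internal/",)
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def check_image(image: str) -> list:
    """Supply-chain rule: image must come from an allowed registry and be pinned by digest."""
    findings = []
    if not image.startswith(ALLOWED_REGISTRIES):
        findings.append(f"image {image!r} is not from an allowed registry")
    if not DIGEST_RE.search(image):
        findings.append(f"image {image!r} is not pinned by digest")
    return findings


def check_pod(pod: dict) -> list:
    """Return policy violations for a Pod manifest; an empty list means admit."""
    findings = []
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext", {})

    # Restricted PSS forbids host namespaces and hostPath volumes.
    for field in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(field):
            findings.append(f"{field} must not be set")
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            findings.append(f"volume {vol.get('name')!r} uses hostPath")

    for c in spec.get("containers", []) + spec.get("initContainers", []):
        name = c.get("name", "?")
        findings += check_image(c.get("image", ""))
        sc = c.get("securityContext", {})
        # Container-level fields override pod-level ones; fall back where the API allows it.
        run_as_non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        seccomp = (sc.get("seccompProfile") or pod_sc.get("seccompProfile") or {}).get("type")
        caps = sc.get("capabilities", {})
        if sc.get("privileged"):
            findings.append(f"container {name!r} is privileged")
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"container {name!r} must set allowPrivilegeEscalation: false")
        if run_as_non_root is not True:
            findings.append(f"container {name!r} must run as non-root")
        if "ALL" not in caps.get("drop", []):
            findings.append(f"container {name!r} must drop ALL capabilities")
        if set(caps.get("add", [])) - {"NET_BIND_SERVICE"}:
            findings.append(f"container {name!r} adds capabilities beyond NET_BIND_SERVICE")
        if seccomp not in ("RuntimeDefault", "Localhost"):
            findings.append(f"container {name!r} must use a RuntimeDefault or Localhost seccomp profile")
    return findings


# Constructed manifests for the example: a typical "debug" pod and a compliant one.
BAD_POD = {
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "debug"},
    "spec": {
        "hostNetwork": True,
        "containers": [{"name": "app", "image": "nginx:latest",
                        "securityContext": {"privileged": True}}],
        "volumes": [{"name": "root", "hostPath": {"path": "/"}}],
    },
}

GOOD_POD = {
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "api"},
    "spec": {
        "securityContext": {"runAsNonRoot": True,
                            "seccompProfile": {"type": "RuntimeDefault"}},
        "containers": [{"name": "app",
                        "image": "registry.example.internal/shop/api@sha256:" + "a" * 64,
                        "securityContext": {"allowPrivilegeEscalation": False,
                                            "capabilities": {"drop": ["ALL"]}}}],
    },
}

if __name__ == "__main__":
    for pod in (BAD_POD, GOOD_POD):
        verdict = check_pod(pod)
        print(pod["metadata"]["name"], "->", "ADMIT" if not verdict else "DENY")
        for f in verdict:
            print("  -", f)
```

In a real webhook the same function runs against the AdmissionReview's object and the findings become the denial message; keeping the checks as a pure function means the same code can also be run in CI against manifests before they ever reach a cluster.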
3. Runtime
Monitor runtime behaviour and enforce policy: establish what each workload normally executes and connects to, then alert on deviations such as a shell or package manager spawned inside a production container, writes to paths that should be read-only, or unexpected outbound connections.
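To make the runtime point concrete, here is an added example (not CyberSigma's tooling or a sensor's real output) of the rule logic that a runtime sensor such as Falco, Tetragon or a custom eBPF probe feeds. The event shape, the per-image process baseline and the events themselves are constructed for this example.

```python
"""Rule-based detection over constructed container runtime events (added example, not CyberSigma's code)."""
from dataclasses import dataclass

SHELLS = {"sh", "bash", "dash", "ash", "zsh"}
PACKAGE_MANAGERS = {"apt", "apt-get", "apk", "yum", "dnf", "pip", "pip3"}
SENSITIVE_WRITE_PREFIXES = ("/etc/", "/usr/bin/", "/usr/sbin/", "/bin/")

# Assumed baseline: the processes each image is expected to run in production.
# In practice this is learned from a staging run or declared alongside the image.
BASELINE = {
    "registry.example.internal/shop/api": {"node", "tini"},
    "registry.example.internal/shop/web": {"nginx"},
}


@dataclass(frozen=True)
class Event:
    """Assumed sensor event: either a process exec or a file write inside a container."""
    ts: str
    container: str
    image: str
    kind: str          # "exec" or "file_write"
    proc: str          # process name for both kinds
    parent: str = ""   # parent process name (exec only)
    path: str = ""     # file path (file_write only)


def evaluate(event: Event):
    """Return (rule, detail) for the first rule an event triggers, or None."""
    if event.kind == "exec":
        if event.proc in SHELLS:
            return ("shell_in_container", f"{event.parent} spawned {event.proc}")
        if event.proc in PACKAGE_MANAGERS:
            return ("package_manager_in_container", f"{event.proc} run at runtime")
        expected = BASELINE.get(event.image)
        if expected is not None and event.proc not in expected:
            return ("unexpected_process", f"{event.proc} not in baseline {sorted(expected)}")
    elif event.kind == "file_write" and event.path.startswith(SENSITIVE_WRITE_PREFIXES):
        return ("sensitive_path_write", f"{event.proc} wrote {event.path}")
    return None


def detect(events) -> list:
    """Run every event through the rules and return (rule, container, detail) alerts."""
    alerts = []
    for ev in events:
        hit = evaluate(ev)
        if hit:
            alerts.append((hit[0], ev.container, hit[1]))
    return alerts


# Constructed events: normal activity interleaved with what a post-exploitation session looks like.
SAMPLE_EVENTS = [
    Event("10:00:01", "api-7d9", "registry.example.internal/shop/api", "exec", "node", parent="tini"),
    Event("10:00:05", "api-7d9", "registry.example.internal/shop/api", "exec", "sh", parent="node"),
    Event("10:00:09", "web-4c1", "registry.example.internal/shop/web", "exec", "apk", parent="sh"),
    Event("10:00:12", "web-4c1", "registry.example.internal/shop/web", "file_write", "sh",
          path="/etc/ld.so.preload"),
    Event("10:00:15", "web-4c1", "registry.example.internal/shop/web", "exec", "curl", parent="sh"),
    Event("10:00:20", "web-4c1", "registry.example.internal/shop/web", "exec", "nginx", parent="nginx"),
    Event("10:00:25", "api-7d9", "registry.example.internal/shop/api", "file_write", "node",
          path="/tmp/cache.json"),
]

if __name__ == "__main__":
    for rule, container, detail in detect(SAMPLE_EVENTS):
        print(f"[{rule}] {container}: {detail}")
```

The baseline rule is the one that catches what signature-style rules miss (a renamed binary, a tool not on any list), so the two belong together: named rules give the analyst a readable reason, the baseline catches the remainder. Enforcement is the next step, for example terminating the process or the Pod on a high-confidence rule, which the sensor rather than this logic would carry out.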
How CyberSigma helps
We assess your container and Kubernetes security across build, cluster and runtime against CIS Benchmarks.
This guide is educational and not legal advice. Requirements evolve — validate specifics against the current standard or regulation for your situation.
