To understand how to secure cloud-native apps, it’s important to protect the underlying Kubernetes environment and its relevant attack surface, which consists of three main areas:
- Software supply chain
- Deployed and running workloads/containers
- Kubernetes infrastructure
This whitepaper refcard uses these categories as a framework to describe key security concepts around securing Kubernetes apps and infrastructure.