Resources for Securing Kubernetes
A work in progress collection of resources for securing a kubernetes cluster.
A good understanding of the k8s architecture and automating operations of your cluster is probably the best place to start:
It should also be noted that the
kubelet api has no authentications and allows for remote code execution (this is how
kubectl exec works).