Container Security

Every EKS Cluster I Audit Has the Same Five Problems

Last quarter I got handed a 'production-ready' EKS cluster. 400 pods running as root with hostNetwork, one IAM role with s3:* on the whole account. It had been running this way for eleven months. That's not an outlier. It's the median.