container securit y research - lacework.com · container securit y research research repor t on...
TRANSCRIPT
CONTAINER SECURITY RESEARCH Research report on discovered open and vulnerable container
orchestration panels in the cloud.
21,169
95%
58%
30
Internet Facing Clusters
During the week of June 1st, 2018 wediscovered more than 21,000 publiclyfacing container orchestration platforms.
Hosted on AWS
By far the highest percentage of clustersare hosted in AWS. Followed up byGoogle Cloud and OVH.
Hosted in United States
There were more than 14 differentcountries represented. The top 5 afterthe US were; Ireland, Germany, Australia,Singapore, and the UK. The most popularAWS region is US East.
Open with no Password
We identified 305 Management Clustersthat had no authentication turned on,virtually given at attacker completeaccess. Additionally several had theability to perform remote code executionvia their API's or UI.
Assess your AWS Cloud for Security
Discover right away if you have open Kubernetes Management clustersand check your AWS cloud forcompliance and security. Sign-up todayfor a Lacework 30 day free assessmentat lacework.com/free-trial.
305
78%
Kubernetes represented more than 78%of all open IP's, followed by; DockerSwarm options, Mesos, and thenMarathon. Swarm options were;Portainer, Docker Swarm, andSwarmpit.io.
Kubernetes Top Ranked