Improving Kubernetes cluster security through a penetration testing process
Patrikainen, Joni (2024)
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2024101926562
https://urn.fi/URN:NBN:fi:amk-2024101926562
Tiivistelmä
The company where the thesis was done works on telecommunication industry.Security is an import part of modern software development. The organization required an internal penetration testing for the product.
The goal was to perform the penetration testing each quarter and produce a document describing the found vulnerabilities with observations and remediations. There was also a plan to develop each quarter the testing further to search more findings.
During the thesis writing the penetration testing has been conducted around ten times from the 2022 to the end of 2024.
As a result, the product security and vulnerability testing automation has improved. The future planned improvements aim to enhance product security through time saving automation and by better collaboration with development teams.
The goal was to perform the penetration testing each quarter and produce a document describing the found vulnerabilities with observations and remediations. There was also a plan to develop each quarter the testing further to search more findings.
During the thesis writing the penetration testing has been conducted around ten times from the 2022 to the end of 2024.
As a result, the product security and vulnerability testing automation has improved. The future planned improvements aim to enhance product security through time saving automation and by better collaboration with development teams.