osdfir-infrastructure icon indicating copy to clipboard operation
osdfir-infrastructure copied to clipboard

Published 20 hours ago verified publisher icon google

Create default k8s security policy for Timesketch

Open wajihyassine opened this issue 1 year ago • 0 comments

Name and Version

charts/timesketch

What is the problem this feature will solve?

Improves the security of the deployment / underlying containers

What is the feature you are proposing to solve the problem?

Configure and test a set of security policies for the Timesketch deployment.

This can include:

securityContext:
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  allowPrivilegeEscalation: false
  runAsUser: <USER ID MAPPED IN CONTAINER>

Also by enabling the default seccomp profile: https://kubernetes.io/docs/tutorials/security/seccomp/

More guidance can be found here: https://kubernetes.io/docs/concepts/security/pod-security-standards/

Logging may need to be adjusted to go to the underlying pvc (currently goes to /var/log/timesketch of the pod)

What alternatives have you considered?

No response

wajihyassine avatar Jan 19 '24 00:01 wajihyassine