Tools for Security Auditing and Hardening in Microservices Architecture

Perustieteiden korkeakoulu | Master's thesis
Security and Cloud Computing
Degree programme
Master’s Programme in Computer, Communication and Information Sciences
Nowadays, microservices architecture is the de facto choice for building and deploying modern applications because of its advantages in scalability, fault isolation and software delivery agility over a monolithic architecture. Containerized microservices make it easier to deploy the same application across different environments without redesigning it. The need to scale and manage microservices has led to the emergence of container orchestration tools; Kubernetes is a widely used one for deploying microservices on cloud platforms. Despite its many advantages, Kubernetes carries several security risks, such as insecure default configuration, misconfiguration, lack of network visibility, unnecessary open routes, malicious traffic to compromised containers, lateral movement, privilege escalation and data movement. To mitigate these risks, the Kubernetes cluster must be hardened by implementing security best practices such as pod security policies and network security policies. More advanced solutions involve isolation at the logical network level, such as software-defined networking or a service mesh that acts as a firewall. Another approach is zero-trust networking, in which the containers are considered secure, the underlying network is treated as untrusted like the Internet, and the communication endpoints use end-to-end security mechanisms such as TLS and authorization tokens. To verify that the cluster is hardened, it is essential to audit the security configurations and check the level of isolation between the components of the microservices architecture. Several existing tools perform security scans on a Kubernetes cluster; however, none of them provides deep visibility of the cluster network, and none addresses the issue of policy drift.
This thesis aims to develop an auditing tool that provides cluster network visibility and audits the cluster configuration to measure reachability between the components of a microservices architecture. The developed tool, KubePatrol, provides comprehensive scanning and reporting of the security status of a Kubernetes cluster. It helps Kubernetes cluster administrators check whether the implemented network-related and pod-related security checks are in place. The tool inspects the pod and cluster configuration in depth, analyzes security issues in the underlying infrastructure and, in most cases, suggests fixes for the detected issues. It also performs configuration drift detection for the implemented network policies. The output of this tool should be helpful for security engineers working on hardening Kubernetes clusters.
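A toy illustration of the two checks the abstract describes (reachability between components derived from NetworkPolicy ingress rules, and drift of those policies from a baseline), written as an added example in Python; it is not KubePatrol's code, and the pods and policies are constructed for the demonstration:

```python
"""Toy model of the audit described above: pod-to-pod reachability derived from
Kubernetes NetworkPolicy ingress rules, plus drift detection against a baseline.
Added example, not KubePatrol's code. Simplified semantics: a pod selected by no
ingress policy accepts all traffic; otherwise a source must match some rule's
podSelector. Ports, namespaces, ipBlock and egress are ignored."""
import hashlib
import json

# Constructed sample cluster: pod name -> labels
PODS = {"web": {"app": "web"}, "api": {"app": "api"},
        "db": {"app": "db"}, "debug": {"app": "debug"}}
# Constructed baseline policies, shaped like NetworkPolicy manifests
BASELINE = [
    {"name": "db-allow-api", "podSelector": {"app": "db"},
     "ingress": [{"from": [{"podSelector": {"app": "api"}}]}]},
    {"name": "api-allow-web", "podSelector": {"app": "api"},
     "ingress": [{"from": [{"podSelector": {"app": "web"}}]}]},
]

def matches(selector, labels):
    """Label-selector match; an empty selector matches every pod."""
    return all(labels.get(k) == v for k, v in selector.items())

def can_reach(src, dst, policies, pods=PODS):
    selecting = [p for p in policies if matches(p["podSelector"], pods[dst])]
    if not selecting:
        return True  # isolation is opt-in: no selecting policy means allow all
    for pol in selecting:
        for rule in pol.get("ingress", []):
            if not rule.get("from"):
                return True  # a rule without 'from' admits any source
            for peer in rule["from"]:
                if "podSelector" in peer and matches(peer["podSelector"], pods[src]):
                    return True
    return False  # selected, but no rule admits this source

def reachability(policies, pods=PODS):
    return {(s, d): can_reach(s, d, policies, pods) for s in pods for d in pods if s != d}

def policy_digest(policy):
    """Canonical hash so a silently edited rule shows up as 'modified'."""
    return hashlib.sha256(json.dumps(policy, sort_keys=True).encode()).hexdigest()

def detect_drift(baseline, live, pods=PODS):
    base = {p["name"]: policy_digest(p) for p in baseline}
    now = {p["name"]: policy_digest(p) for p in live}
    before, after = reachability(baseline, pods), reachability(live, pods)
    return {"removed": sorted(set(base) - set(now)),
            "added": sorted(set(now) - set(base)),
            "modified": sorted(n for n in base if n in now and base[n] != now[n]),
            "newly_reachable": sorted(k for k in after if after[k] and not before[k])}
```

Feeding the live policies from the cluster into `detect_drift` in place of the constructed list turns the "newly_reachable" entries into the paths that drift has opened since the baseline was approved.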
Aura, Tuomas
Thesis advisor
Bufalino, Jacopo
Peylo, Martin
security, microservices, scanning, Kubernetes, hardening, policies