Ensure Service Account Tokens are Only Mounted Where Necessary in Kubernetes
Mounting service account tokens inside pods can provide an avenue for privilege escalation attacks where an attacker is able to compromise a single pod in the cluster. Avoiding mounting these tokens removes this attack avenue. Send results via Email.
icon
Breakdown
  1. Ensure Service Account Tokens are Only Mounted Where Necessary.
  2. Send results via Email. This result step can be changed from Email to Slack, Microsoft Teams or Discord.