Back

Configure the "seccomp" profile to organizational standards.


CONTROL ID
14652
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure "Kubernetes" to organizational standards., CC ID: 14528

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure that the seccomp profile is set to docker/default in your pod definitions Description: Enable docker/default seccomp profile in your pod definitions. Rationale: Seccomp (secure computing mode) is used to restrict the set of system calls applications can make, allowing cluster administrators g… (5.7.2, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)