Control: Containerized applications should use security services such as SELinux or AppArmor or Seccomp
Description
The underlying host OS needs to be secured in order to prevent container breaches from affecting the host. For this, Linux provides several out-of-the-box security modules. Some of the popular ones are SELinux, AppArmor and Seccomp.
Usage
Run the control in your terminal:
powerpipe control run kubernetes_compliance.control.pod_security_policy_security_services_hardeningSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run kubernetes_compliance.control.pod_security_policy_security_services_hardening --shareSQL
This control uses a named query:
pod_security_policy_security_services_hardening