Every cluster I've audited had at least one pod running as root. Nobody knew.

In this episode I'll show you:

• Why running as root in a container is dangerous (it's not just theory)
• The one-liner jq audit command to find root pods in your cluster right now
• How to fix it: securityContext, capabilities, readOnlyRootFilesystem
• How to enforce it at scale with Pod Security Standards
• Live demo: reject a root pod at the API server automatically

All commands shown in the video are in the script linked below.

🔥 Practice this yourself with Mayhem, a free K8s incident simulator: github.com/devops-with-kosa/mayhem-k8s

📺 Subscribe for new episodes every week: @devopswithkosa

#Kubernetes #KubernetesSecurity #CKS #DevSecOps #K8s #ContainerSecurity #CloudSecurity #DevOps #SRE #CKSExam