Check for Missing Network Policies in Kubernetes

ID: k8s-missing-network-policies

Severity: medium

Author: princechaddha

Tags: cloud,devops,kubernetes,devsecops,k8s,k8s-cluster-security

Description

Checks if any network policies are defined across all namespaces in the Kubernetes cluster.

YAML Source

id: k8s-missing-network-policies

info:
  name: Check for Missing Network Policies in Kubernetes
  author: princechaddha
  severity: medium
  description: |
    Checks if any network policies are defined across all namespaces in the Kubernetes cluster.
  impact: |
    Not having network policies in place can expose namespaces to potential security risks by allowing unrestricted network traffic.
  remediation: |
    Define and apply network policies to manage ingress and egress traffic within namespaces effectively. Use `kubectl apply -f <network-policy-file.yaml>` to enforce network boundaries.
  reference:
    - https://kubernetes.io/docs/concepts/services-networking/network-policies/
  tags: cloud,devops,kubernetes,devsecops,k8s,k8s-cluster-security

self-contained: true

code:
  - engine:
      - sh
      - bash
    source: kubectl get networkpolicies -A

    matchers:
      - type: word
        part: stderr
        words:
          - 'No resources found'

    extractors:
      - type: dsl
        dsl:
          - "No Network Policies found"
# digest: 4a0a00473045022100a454dc52b9d885d9b4283bc85035b168887916312ece9e4e57cf9bb8ca8cf86e02200e256c353de692f3939cba7d24e4a00f3f8d01a5340829aaa3a1d7367bca344d:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "cloud/kubernetes/network-policies/k8s-missing-network-policies.yaml"

View on Github