We offer services at different levels of Kubernetes infrastructure. Our services start with understanding your use case, who you serve and how you deploy your Kubernetes instance. We can then audit your application layer, your infrastructure and/or your supply-chain risk. An audit will include either static code assets or in-cluster auditing or both - which is the case for most of our audits. Our audits complete with a detailed report written for you in a format you can share internally with your team or publicly with the world.
Ada Logics has audited a range of popular Kubernetes tools. p>
We can threat model your infrastructure to identify its attack surface, threat actors, trust zones and trust flow and security controls.
Ada Logics can take an attackers perspective and attempt to steal your data, damage your application, infiltrate your infrastructure and compromise your users in a controlled environment.
We can manually audit your Kubernetes infrastructure for risks, misconfigurations, risks and vulnerabilities.
We use state-of-the-art open source dynamic and static analysis to support our audits.
We can help with auditing your infrastructure as a one-time engagement.
We are available for regular infrastructure audits such as yearly or half-yearly engagements. Code changes over time, and vulnerabilities can get introduced. Catch them with yearly checkups. Alternatively, a yearly infrastructure audit helps your eradicate easily-exploitable issues and find deeper security issues over time.
We can work with you on hardening the security of your infrastructure. This can be through implementing or improving your admission controls or service mesh, or by hardening your infrastructure configurations.