Securing Kubernetes worker nodes remains a persistent challenge in enterprise environments because of configuration drift, inconsistent operating system hardening, and limited visibility into runtime security posture. Although the Center for Internet Security (CIS) publishes benchmark recommendations for both Kubernetes and Linux systems, enforcing these controls manually is error-prone and difficult to sustain at scale. This paper presents an automated approach to hardening Kubernetes worker nodes that integrates CIS benchmark compliance with Linux security controls through configuration management automation. The proposed framework focuses on repeatable enforcement, continuous compliance validation, and operational stability. We describe the system architecture, the control mapping strategy, and the automation workflow, and we evaluate the framework's impact on configuration compliance and operational availability in a controlled Kubernetes environment. The results show measurable improvements in benchmark compliance while cluster stability is maintained, demonstrating the feasibility of automation-driven security hardening for Kubernetes worker nodes.
Copyright © 2023