Security & Policy | Kuberns Docs

Security and Privacy are core pillars of Kuberns

It is designed to simplify deployment and management for startups, freelancers, IT teams, and enterprises.

Kuberns integrates robust security measures at every layer to protect your applications, data, and infrastructure.

This document outlines how Kuberns maintains security, ensuring your deployments are safe, compliant, and reliable.

Security and Privacy Features in Kuberns

Kuberns embeds Security and Privacy into its platform through the following key features:

How It Works: Kuberns securely stores sensitive data, such as environment variables and API keys, using end-to-end encryption. This ensures that secrets are encrypted both at rest and in transit, accessible only to authorized services.
User Benefit: You can confidently manage sensitive configurations without worrying about unauthorized access, as secrets are protected throughout their lifecycle.

How It Works: Kuberns implements role-based access to manage permissions at a granular level. You can define roles for team members, restricting access to specific projects, services, or actions (e.g., deployment, monitoring).
User Benefit: RBAC minimizes the risk of accidental or malicious changes by ensuring users only have access to the resources they need, enhancing team collaboration while maintaining security.

How It Works: Each service in Kuberns runs in its own isolated runtime environment, preventing interference between applications. This isolation is enforced at the container level, ensuring that a compromise in one service doesn’t affect others.
User Benefit: Isolated runtimes reduce the attack surface, providing an additional layer of protection for your applications and data.

How It Works: Kuberns ensures that every build process is fully isolated from other builds and services. Each build runs in a dedicated, ephemeral environment that is destroyed after the deployment completes, preventing cross-contamination or unauthorized access to build artifacts.
User Benefit: Isolated builds eliminate the risk of interference between deployments, ensuring that your build process remains secure and that sensitive data (e.g., source code, dependencies) is not retained longer than necessary.

How It Works: Kuberns enhances server security by restricting access to sensitive ports, notably keeping port 22 (commonly used for SSH) closed by default. This restriction applies universally, meaning even Kuberns itself cannot access your server via this port, significantly reducing the risk of unauthorized remote access.
User Benefit: By blocking port 22, Kuberns minimizes the attack surface of your server, protecting it from potential SSH-based attacks while still allowing secure management through the Kuberns Dashboard.

How It Works: Kuberns maintains detailed audit logs of all platform activities, including deployments, configuration changes, and user actions. These logs are accessible via the Kuberns Dashboard for review.
User Benefit: Audit logs provide transparency and traceability, enabling you to track changes, identify potential security issues, and ensure compliance with internal or regulatory standards.

Beyond the core features, Kuberns incorporates several practices to enhance platform security:

Automatic SSL/TLS Certificates: Kuberns automatically provisions SSL/TLS certificates for all deployed applications and custom domains, ensuring secure communication over HTTPS.
AI-Driven Threat Detection: Kuberns AI monitors runtime behavior and logs to detect anomalies, such as unusual traffic patterns or unauthorized access attempts, alerting you to potential threats in real time.
Secure Deployment Pipelines: During deployment, Kuberns ensures that repositories are accessed securely via GitHub OAuth tokens, and all build processes occur in isolated environments to prevent code exposure.
Regular Updates and Patching: Kuberns continuously updates its underlying infrastructure, runtimes, and dependencies to address vulnerabilities, ensuring your applications run on a secure foundation.