Kubernetes Infrastructure Security Audit

Client:

Recruitment Company

Industry:

HR Tech

Focus:

Security assessment of Kubernetes infrastructure and audit of its compliance with modern security requirements

Main challenge:

Risk of unauthorized access to administrative resources and personal data leakage

Market:

International (North America and Europe)

Services provided:

Penetration Testing, Cloud Security Assessment

Key Takeaways

21 vulnerabilities of varying severity were identified

The risk of unauthorized access was reduced by 90%

The project was completed in 2.5 weeks

The infrastructure was aligned with cloud security best practices

identified vulnerabilities

<24 hours

to remediate critical vulnerabilities

90%

reduction in data breach risk

Kubernetes Infrastructure Security Audit

Jun 23, 2026

3 min

An international recruitment platform processing personal data of over 100,000 users required a Kubernetes infrastructure security assessment. Datami conducted a cloud infrastructure audit and penetration test, identified 21 vulnerabilities, and reduced the risk of unauthorized access by 90%.

The client is an international programmatic recruitment platform that helps companies automate job advertising using machine learning.

The service operates across North American and European markets and processes personal, financial, and corporate data of 100,000+ users. Therefore, a high level of cybersecurity and GDPR compliance is critically important.

Objectives and challenges

The client initiated a scheduled security assessment of its Kubernetes infrastructure in AWS EKS.

The goal was to evaluate access controls, secrets management, and privilege escalation risks to prevent personal data leakage, financial losses, and potential service disruption.

Conduct a security audit of the Kubernetes infrastructure in AWS EKS
Review configurations, access roles, and secrets management practices
Identify potential vulnerabilities and provide remediation recommendations

Infrastructure audit

Review of Kubernetes cluster configurations: namespaces, pods, nodes, and network policies.

White-box pentesting

Security testing with access to internal configurations to assess roles, permissions, and access controls.

Reporting and recommendations

Preparation of a detailed report outlining identified vulnerabilities and recommendations for remediation.

Datami methodology: Kubernetes infrastructure security assessment

Our approach

The team conducted a Kubernetes security assessment, reviewing namespace, pod, node, and network policy configurations. We combined automated and manual analysis, using kubectl and terminal-based tools to examine the environment.

During the assessment, a new critical Kubernetes vulnerability was disclosed. The Datami team immediately added checks for it, helping protect the infrastructure against the latest cyber threats.

White-box testing

Testing was performed with access to internal infrastructure configurations, enabling an analysis of configurations, policies, and potential unauthorized access scenarios.

Key project stages and solutions

In this cybersecurity project, our team worked closely with the client throughout the engagement.

We received test access to the infrastructure, reviewed the documentation, and provided regular status updates.

Testing began with automated scanners and was followed by manual verification.

Infrastructure preparation and analysis

Obtaining test access to the system and reviewing technical documentation to understand the Kubernetes infrastructure architecture.
Configuration and access testing

Automated assessment using kubectl and additional tools, combined with manual analysis of access roles, configurations, and potential vulnerabilities.
Reporting and recommendations

Preparation of a detailed report describing identified risks and practical recommendations for remediation.

Results and recommendations

Before the project, the Kubernetes infrastructure showed limited compliance with security best practices: some configurations remained at default settings, outdated libraries were in use, and monitoring and logging were absent.

During the security assessment, the team identified 21 vulnerabilities:

2 critical;
6 high;
9 medium;
4 low.

Information about the identified critical vulnerabilities was immediately shared with the client, and these threats were remediated within 24 hours. The likelihood of unauthorized access was reduced by 90%. The infrastructure was brought into compliance with modern security requirements, helping prevent confidential data leaks and reputational losses.

The client was provided with the following recommendations:

regularly conduct infrastructure security audits;
assess security after implementing new functionality;
keep Kubernetes components up to date;
continuously monitor system logging and monitoring.

Key project outcomes

The Kubernetes infrastructure audit was completed ahead of schedule in 2.5 weeks. This case study demonstrated that regular security assessments are essential for cloud infrastructure, helping identify and remediate critical risks before they can be exploited.

The project also highlights the flexibility of our cybersecurity approach. We respond quickly to newly disclosed cyber threats and immediately incorporate them into infrastructure security assessments.

Metric

Before the audit

Result after the project

Security level

Low compliance with security standards, and some default configurations remained

Aligned with security best practices

Vulnerabilities

Outdated libraries and configuration-related risks

21 vulnerabilities remediated

Monitoring

Not implemented

Monitoring and logging configured

Access control

Insufficient access policies

Access policies strengthened

Access risk

High

Reduced by 90%

Timeline

Planned: 3 weeks

Completed in 2.5 weeks

More success stories with Datami

Browse other project case studies

AI Platform Security Testing

51 vulnerabilities identified, including 2 critical
Full system prompt disclosure confirmed

Services:

AI Systems Penetration Testing (OWASP LLM Top 10)

Jun 9, 2026

GCP security audit for PCI DSS readiness

PCI DSS compliance achieved.
Risk of unauthorized access reduced by 90%.

Services:

Cloud penetration testing, cloud security assessment

Apr 25, 2026

Azure Audit for a Government Business Platform

ISO/IEC 27001 and GDPR compliance achieved
Infrastructure set up for the website update launch

Services:

Azure Security Audit (White-box)

Mar 5, 2026

Back to home page

Datami articles

Oleksandr Filipov

Top Business Cyber Security Issues

Which issues in cyber security do businesses face most frequently? In this article, we examine the top 9 most relevant cybersecurity issues by criticality level and provide recommendations for their remediation.

3 min May 4, 2026

Oleksandr Filipov

What is a Cybersecurity Incident?

Cyber incidents have long ceased to be a headache only for large corporations and government institutions. Today, they are a common part of the digital reality faced by companies of all sizes.

3 min May 4, 2026

Top 3 Industries with the Highest Number of Critical Cybersecurity Vulnerabilities from Datami Practice

Oleksandr Filipov

Top 3 Industries with the Highest Number of Critical Cybersecurity Vulnerabilities from Datami Practice

Which industries face the highest concentration of critical cybersecurity risks? Based on an analysis of the Datami project results, we identified three sectors where the average number of critical vulnerabilities discovered per project is the highest.

15 min Mar 31, 2026

Show all articles

On this page you will learn what cookies are and how and when we use them. Definition of the term Cookies Cookies are pieces of data that a web server generates and that a website stores on your user device (computer, smartphone, tablet, etc.). Each website or third-party service sends cookies to the browser installed on your device only if your browser allows it. This is possible if you have not set any restrictions in your browser settings to save cookies. Browsers are a very well thought out technology. They protect personal data and allow websites to access only cookies that were previously sent to them. Cookies are divided into: session cookies. They are stored in the memory of the browser only during your session, after leaving the site immediately removed. permanent. They are stored in the memory of the browser for a long time. Definition of the term “browser” A browser is an application for browsing websites. The most popular browsers are Chrome, Internet Explorer, Firefox and Safari. All listed browsers are safe. In the settings of these browsers, cookies can be easily disabled, as well as change the settings of their work. You can: accept all cookies; ask the browser to notify when cookies are used; do not accept cookies. Cookies on datami.ee and how we use them We use cookies to: our site is more functional; to understand how you navigate on the site, what content you consume better, to develop the content strategy of the site; understand how many visits to the site were per day, month, year. Analyze the geographical identity of users of the site, the number of repeated visits and other data. Cookies that we use on our site. Third-party cookies. The buttons of social networks, videos and some other services of our site are the property of other companies. These companies may also use cookies on your device if you have used them on our site or have been previously registered with them. The privacy policy of the use of personal data by these services can be found on the websites of these services. Blocking cookies All browsers allow simple actions to disable cookies. To disable them, you must go to your browser settings and find cookies in them. But we must remember that blocking cookies can have a negative impact on the performance of many websites. How to delete files You can also always delete cookies that are stored on your computer. To do this, follow the instructions of your browser Again, deleting cookies can have a negative effect on the performance of many websites.