POC
Definition
POC stands for Proof of Concept. It is a demonstration to verify that certain concepts or theories have the potential for real-world application. In the context of cybersecurity, a POC is often used to demonstrate the feasibility of a security vulnerability or exploit, showing how an attacker might exploit a weakness in a system.
Secure Settings Example
# Kubernetes PodSecurityPolicy example for secure settings
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: restricted
spec:
privileged: false
allowPrivilegeEscalation: false
requiredDropCapabilities:
- ALL
runAsUser:
rule: MustRunAsNonRoot
seLinux:
rule: RunAsAny
fsGroup:
rule: MustRunAs
ranges:
- min: 1
max: 65535
volumes:
- 'configMap'
- 'emptyDir'
- 'projected'
- 'secret'
- 'downwardAPI'
Insecure Settings Example
# Kubernetes PodSecurityPolicy example with insecure settings
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: permissive
spec:
privileged: true
allowPrivilegeEscalation: true
requiredDropCapabilities: []
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
fsGroup:
rule: RunAsAny
volumes:
- '*'