Kubernetes Security Security best practices for Kubernetes deployments. Pod Security Run as Non-Root Read-Only Root Filesystem Drop Capabilities Prevent Privilege Escalation Network Security Network Policies RBAC ServiceAccount Role RoleBinding Secrets Management Encrypt at Rest Enable encryption for secrets at rest in etcd. External Secrets Use external secret management: Avoid Hardcoding Resource Limits Prevent Resource Exhaustion LimitRange ResourceQuota Image Security Use Specific Tags Image Pull Policies Private Registries Pod Security Standards Restricted Profile Security Scanning ---