Kubernetes Default-Deny Egress Stops Pod Exfiltration
Run a default-deny egress NetworkPolicy to stop a compromised pod from phoning home. Two manifests, one DNS gotcha that breaks it, and the CNI fix.
Read more1 article on Cloud. Practical notes on infrastructure, security, and engineering leadership by Indra Gusti Prasetya.
Run a default-deny egress NetworkPolicy to stop a compromised pod from phoning home. Two manifests, one DNS gotcha that breaks it, and the CNI fix.
Read moreDeep dives into infrastructure, security, and technical leadership. No noise, just engineering rigor. Subscribe and grab the 2026 AI-agent & infrastructure security checklist.