CN330 Advanced Kubernetes Security

Live Online (VILT) & Classroom Corporate Training Course

edForce New Partnership with Mirantis

Gain expertise in implementing Kubernetes security measures from code to production clusters. Ideal for infrastructure engineers, integration specialists, developers, and IT professionals looking to enhance their Kubernetes security skills.

How can we help you?

  • CloudLabs
  • Projects
  • Assignments
  • 24x7 Support
  • Lifetime Access

CN330 Advanced Kubernetes Security

Overview

CN330 Advanced Kubernetes Security is a comprehensive course designed to equip participants with the skills and knowledge required to implement robust security measures throughout the Kubernetes deployment pipeline. From code to production clusters, students will delve into topics such as declarative configuration analysis, container image scanning, CIS benchmark scanning, and attack vector identification and mitigation within Kubernetes environments.

Objectives

By the end of this course, leaner will be able to:

  • Understand the Kubernetes threat model and security maturity.
  • Implement system hardening techniques for Kubernetes environments.
  • Gain proficiency in securing cluster objects and performing cluster hardening.
  • Minimize vulnerabilities in microservices and secure the container supply chain.
  • Establish effective monitoring, logging, and runtime security practices.

Prerequisites

  • Basic understanding of Kubernetes architecture and operations.
  • Familiarity with containerization concepts and container orchestration.
  • Knowledge of system administration and security principles.
  • Proficiency in using Chrome or Firefox browsers.
  • Access to a laptop with WiFi connectivity.

Course Outline

Module 1: Understanding Kubernetes Security Landscape2024-03-31T13:03:16+05:30
  • Overview of Kubernetes threat models and security maturity levels.
  • Identifying common security challenges in Kubernetes environments.
  • Introduction to security best practices and compliance frameworks.
Module 2: System Hardening Techniques2024-03-31T13:04:45+05:30
  • Implementing system hardening measures for Kubernetes nodes.
  • Securing host OS, kernel, and network configurations.
  • Utilizing tools like SELinux, AppArmor, and sysctl for system hardening.
Module 3: Cluster Security Objects and Best Practices2024-03-31T13:05:58+05:30
  • Exploring key security objects in Kubernetes clusters (e.g., PodSecurityPolicy, NetworkPolicy).
  • Implementing security best practices for various Kubernetes objects (e.g., deployments, services, secrets)
Module 4: Microservice Vulnerability Management2024-03-31T13:08:05+05:30
  • Identifying common vulnerabilities in microservices architecture.
  • Implementing security measures at the application level (e.g., input validation, authentication, authorization).
  • Integrating vulnerability scanning tools into CI/CD pipelines.
Module 5: Securing Container Supply Chain2024-03-31T13:15:49+05:30
  • Ensuring integrity and security of container images throughout the supply chain.
  • Implementing image scanning and signing mechanisms.
  • Leveraging container registries with built-in security features (e.g., Docker Content Trust, Notary, Harbor).
2024-05-03T18:00:46+05:30

Title

Go to Top