Kubernetes Security

This course covers best practices for securing container-based applications and Kubernetes platforms during build, deployment and runtime. It is aimed at cloud production environments and addresses the container supply chain from before a cluster has been configured, through deployment, to ongoing operation and agile use, including where to find current security and vulnerability information. The course includes hands-on labs in which participants build and secure a Kubernetes cluster and monitor and log security events.

Audience
System Administrators, Cloud Administrators, Security Engineers, Developers

Prerequisites
Docker for Development and Operations (DO-OPS) Training, Kubernetes Administration (K9-ADM)

Outline

  • Course Introduction
  • Cloud Security Overview
  • Container Runtime Overview
  • Mitigating Kernel Vulnerabilities
  • Deploy Secure Kubernetes Cluster
  • Securing the kube-apiserver
  • Image Security Analysis
  • Container Security Analysis
  • Kubernetes Audit
  • Kubernetes Network Policy
  • Kubernetes Workload Considerations
  • Pod Security Policy
  • Certified Kubernetes Security Exam Preparation

Course Curriculum

  • Module 1

    Cloud Security Overview

    • What is Security?
    • Basic Principles
    • Attack Sources
    • Types of Attacks
    • The 4Cs of Security
    • NIST Cybersecurity Framework
    • CIS Benchmarks
    • kube-bench
    • High Value Asset Protection
    • Improve Security Team Culture
    • Limit Access
    • Lab 1.1 Lab Preparation
  • Module 2

    Deploy Secure Kubernetes Cluster

    • Where Do Your Images Come From?
    • Container Runtime
    • RuntimeClass
    • gVisor
    • Kata
    • Trusted Packages
    • Gatekeeper
    • Protect the Kernel
    • Finding Kernel Vulnerabilities
    • Lab 2.1 Deploy Multi Master Multi Worker Kubernetes Cluster
    • Lab 2.2 Implement Container Runtime Sandbox gVisor
    • Lab 2.3 kube-bench
    • Quiz 2.1
  • Module 3

    Secure the kube-apiserver

    • Enable Audit Log
    • Configure API Auditing
    • Audit Policy
    • Role Based Access Control
    • RBAC Role and ClusterRole
    • RBAC RoleBinding
    • Pod Security Policies (PSP; removed in Kubernetes 1.25 and replaced by Pod Security Admission)
    • Identity and Access Management
    • Persistent State from etcd
    • Start Using Service Accounts
    • Create a Role
    • Bind the Role
    • Lab 3.1 Enabling API Server Auditing
    • Lab 3.2 Limiting Access Control with RBAC
    • Lab 3.3 Security Context
    • Lab 3.4 Pod Security Policies
    • Lab 3.5 OPA Gatekeeper
    • Quiz 3.1
  • Module 4

    Networking

    • Kubernetes Network
    • Services and Firewalls
    • Terms and Expressions
    • Stateful vs Stateless
    • Several Network Plugins
    • Chains (of Rules) & Tables (of Chains)
    • Netfilter
    • Netfilter (cont.)
    • Firewalld
    • Ingress Controller
    • Service Mesh
    • mTLS
    • Network Policies
    • Lab 4.1 Implement Network Security Policy
    • Lab 4.2 Configure an Ingress Controller
    • Lab 4.3 Configure mTLS (Linkerd)
    • Quiz 4.1
  • Module 5

    Workload Considerations

    • Trivy
    • Falco
    • SELinux Overview & Enforcement Modes
    • Seccomp & Apparmor
    • Lab 5.1 Check Image Vulnerability using Trivy
    • Lab 5.2 Check Image Vulnerability using Docker Scan
    • Lab 5.3 Using Falco to Monitor Audit Events
    • Quiz 5.1
  • Module 6

    Comprehensive Review

    • Lab Comprehensive Review
    • Preparing for the Exam
    • Finding Exam Information
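The Module 3 items "Start Using Service Accounts", "Create a Role" and "Bind the Role" describe one procedure. The following manifest is an added example (not course material) of that least-privilege pattern: a dedicated ServiceAccount, a namespaced Role limited to read-only verbs, and a RoleBinding tying the two together. The namespace `demo` and the names `log-reader`, `pod-log-reader` and `log-reader-binding` are assumptions for illustration.

```yaml
# Added example, not course material. Namespace "demo" and the object names
# below are assumptions chosen for illustration.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: log-reader
  namespace: demo
# Do not mount the token into every pod by default; a pod that needs it
# sets automountServiceAccountToken: true in its own spec.
automountServiceAccountToken: false
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                   # namespaced; prefer Role over ClusterRole unless cluster-wide scope is required
metadata:
  name: pod-log-reader
  namespace: demo
rules:
- apiGroups: [""]
  resources: ["pods", "pods/log"]
  verbs: ["get", "list", "watch"]   # read-only: no create, delete, patch or pods/exec
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: log-reader-binding
  namespace: demo
subjects:
- kind: ServiceAccount
  name: log-reader
  namespace: demo
roleRef:
  kind: Role
  name: pod-log-reader
  apiGroup: rbac.authorization.k8s.io
```

After applying the manifest, check the effective permissions by impersonating the service account: `kubectl auth can-i get pods/log -n demo --as=system:serviceaccount:demo:log-reader` should answer `yes`, and `kubectl auth can-i delete pods -n demo --as=system:serviceaccount:demo:log-reader` should answer `no`. Running the second kind of check (for the verbs you did not grant) is what catches over-broad roles before they ship.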

Level

Advanced

Category

Security