×

Remote Training (Dec 7-8) : DevSecOps Masterclass 2020 Discoverer Edition Register Now

Container & Kubernetes
Security

Learn how to keep security in tact for deployments in scale

Training Objective and Course Overview

With organizations rapidly moving towards micro-service style architecture for their applications, container technology seems to be taking over at a rapid rate.  Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications. Orchestration technologies like Kubernetes help scale such deployments to a massive scale which can potentially increase the overall attack-surface to a massive extent if security is not given the attention required.

What attendees will learn?

The Container Security Training is a foundational training on the concept of Container Security. Containers have emerged as a leading deployment technology. This training delivers a hard-core hands-on view of attacking and defending Containers. Attendees will learn the various attack techniques like container breakouts with several hands-on labs. Subsequently, attendees will learn practical and time-tested approaches to building, running and security testing container deployments.

 

Kubernetes has emerged as the leading container orchestration and management platform for on-prem and cloud environments. The Kubernetes Security Masterclass, is a hard-core hands-on view of Kubernetes Security from an Attack and Defense perspective. The course takes the participants through a journey where they start with setting up a Kubernetes cluster (simulating an on-prem Kubernetes) deployment, attack the cluster and learn, through multiple deep-dive examples and cookbooks on how they can effectively secure Kubernetes clusters.

Training Variants

  • Learning Objectives & Evolution of Compute
  • Introduction to Docker
  • Docker Terminologies and Commands 
  • Docker Deep-Dive
  • Lab: Hands-on with Docker with our Cloud Labs
  • Lab: Analysing Docker layers with "Dive" with our Cloud Labs
 
  • Container Threat Model and Attack Patterns
  • Lab: Volume Mount Container Breakout - Cloud Labs
  • Lab: Host Network Container Breakout - Cloud Labs
  • Lab: PID Container Breakout - Cloud Labs
  • Lab: CGroup Container Breakout - Cloud Labs
  • Lab: Trojanizing Docker Images - Cloud Labs
  • Keystone principles and Security Engineering
  • Lab: Distroless Containers - Cloud Labs
  • Lab: DockerSlim - Cloud Labs
  • Docker Security Hygiene
  • Signed Images and Docker Content Trust
  • Lab: Setting up a Secure Private Registry - Cloud Labs

 

  • Container Security Monitoring - Success Factors
  • Lab: Monitor Container Security Parameters with OSQuery - Cloud Labs
  • Nuances of Container Vulnerability Scanning and Audit
  • Static Analysis - Container Security Scanning
  • Lab: Clair - Cloud Labs
  • Lab: Docker-Bench - Cloud Labs
  • Lab: Trivy - Cloud Labs
  • Role of Kubernetes in Container Orchestration
  • Kubernetes Architecture Deep-Dive
  • Setting up a Kubernetes Cluster from scratch
  • Exploring the Kubernetes Landscape
  • Deploying Services and Applications on Kubernetes Clusters
  • Kubernetes Threat Model and its counterpoint in Security Practices
  • Kubernetes Trust boundaries & Attack Trees
  • Analysis of Common Attack Vectors and patterns
  • Attacking Kubernetes Clusters
  • Attacking Kubernetes Cluster components
  • Kubernetes Authentication, Authorization and Admission Control
  • Certificate Based Authentication Setup
  • Webhook Authentication and Authorization with oAuth and OIDC
  • Role Based Access Control (RBAC) Deployment for Kubernetes
  • Admission Controllers
  • Kubernetes Secrets
  • Monitoring Kubernetes Clusters
  • Kubernetes API Events Deep-dive and Logging Strategies
  • Open Policy Agent(OPA) on Kubernetes Clusters

Highly recommend this training to anyone interested in container security

- Eugene Ang Beng Choon, SWIFT

I would like to say this training is really good. It helped me learn about the threats specific to containers, dominant attack patterns and corresponding hardening guidelines. One of the best things about the training is the step-by-step methodology followed by the trainers who I felt were clearly very experienced.

Conference Features

Our Application Security and Cloud Security programs is a regular feature at marquee application security conferences across the world.

Frequently Asked Questions

Can beginners who are new to container technology take this training?

All concepts introduced in the training are explained from the very basics and then transition into advanced security specific topics. This training program is therefore beneficial for both beginners and security engineers who're already comfortable with container technology.

Do I need to know programming in order to attend the class?

While knowing a programming language is useful, prior knowledge of how to code is not necessary. Functionality of the any kind of code introduced in the training will be explained during the class.

In a nutshell, what can I expect to learn from this training?

Attendees can expect to gain a detailed understanding of how containers work, what threat models are specific to their use, how to attack/defend container deployments, how container orchestrators work and how one can attack/defend container orchestrated deployments.

Dates Coming Soon !

Attacking and Defending Containers

2 Days
(3 Hours per day)

$500

Dates Coming Soon ! 
Get Notified

Kubernetes Security
Masterclass

4 Days
(4 Hours per day)

$650

Nov 10 - 13 
Register Now

Would you rather have a private training conducted for your team? Enter your details here


    By checking this box you agree to receive communication on we45's events, product or solution offerings by email to your contact information.

    You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

    By clicking submit below, you consent to allow we45 to store and process your personal data to provide you the requested information.

    Additional Resources

    Docker Security Threats and Hardening Guidelines

    Technologies with rapidly growing adoption rates invite high volumes of malicious intent. Learn about pertinent Docker Security Threats and its hardening methods.

    Webinar: Securing Kubernetes Deployments

    Recently adopted Kubernetes? Have you made security an active consideration in its use? Get started by watching we45’s free webinar on Kubernetes security.

    Security Essentials for a Developer – Kubernetes

    The spurt in adoption of container technology is promptly being followed by increasing Kubernetes use. Find a starter’s guide to securing Kubernetes deployments.

    we45