Kubernetes is quickly becoming the de-facto standard to operate containerized applications at scale. Kubernetes is a complex and fast-developing technology; therefore, it is important to grasp its security implications and understand how to make Kubernetes implementation and usage secure-by-design. The course will cover the following topics:
• Which are the security findings of the platform
• How to measure the security level and risks of the platform
• How to protect your container images from known vulnerabilities by third parties
• How to reinforce the container and network runtime policy level
• How to better manage private information
During the course we will talk in depth about the Kubernetes security findings, we will highlight all the potential risks and the related remedial actions by analyzing all the tools provided by k8s. The course will help you understand how to implement a secure, solid and agile Kubernetes environment for your production systems.
Course length: 1 day. Available languages: English, Italian
The training will be delivered remotely
• Developers wanting to develop secure applications in a Kubernetes environment
• Sysadmins interested in Kubernetes security practices
• Architects interested in designing a secure Kubernetes-based solution
• Kubernetes basic knowledge
• Available upon request
• Cloud Native security concepts
• Introduction to Kubernetes
• Kubernetes basic concepts
o Api server
o Etcd server
• Risks analysis and attack surface definition
• Attack vectors analysis
• Introduction to the Kubernetes security policies
o Upgrade management
o Authentication and authorization
o Kubernetes and auth
o Network policies
o Istio and application communication security introduction
o Securing networking data path (cilium)
• CRI hardening basic concepts
• Vulnerability demonstration
o Obtaining a reverse shell
o Discovery from the compromised pod
o Lateral movements to other pods
o Escalation to the worker node
It’s the passion for our job that helps us in discovering new tendencies, anticipating the technological changing and continuously improving our services.
We strongly believe in people’s talent. Therefore, we invest a lot in out team’s competences through continuous training and extracurriculars.
We want to be the reference point for all our customers, following them in each single project development phase.
The key of our successes is the integrated technological approach between Cloud, DevOps and Security we propose to our customers for their internal projects.
Choosing a selection results in a full page refresh.