Course Description

The cloud as we know it is changing. Containers have taken center stage as the preferred method of developing and deploying software into production. As security practitioners, we must adapt to the latest technologies or be left in the dust. This course will focus on building a modern cloud infrastructure capable of taking containers from a developer’s laptop to production in a secure manner.

Learning Objectives

Grasp the core concepts surrounding the Docker and Kubernetes ecosystems and implement security controls in each of these technologies

Understand the need for containers and container orchestration tools

Implement security hardening techniques in Docker and Kubernetes

Build security checkpoints within the SDLC and DevOps pipelines

Understand the importance of containers when moving toward DevOps

Details

Delivery Format: eLearning

Duration: 1 hour

Level: Intermediate

Intended Audience

Architects

Back-End Developers

Enterprise Developers

Front-End Developers

QA Engineers

Prerequisites: Principles of Software Security

Course Outline

Deployment and Container Orchestration

The State of Software Deployment

Continuous Integration and Deployment

Incorporating Security into DevOps

Modern Infrastructure and Container Orchestration

Container-Related Threats

Container Security

Introduction to Container Technology

Anatomy of a Container

Docker Security Considerations

Container Isolation

Securing Container Images

Dockerfile Best Practices

Docker Image Vulnerabilities in the Wild

Docker Build Process Compromised with Backdoor

Container Deployment Techniques

Image Deployment Security Considerations

Immutable Infrastructure

Running Containers Securely

Host Security

Container Orchestration

Patch Slow, Get Owned Fast

Introduction to Kubernetes

Overview and History of Kubernetes

Kubernetes Components

Working with Kubernetes Clusters and Networking

Interacting with Kubernetes Clusters

Kubernetes Networking

Kubernetes Consoles Exposed to the Internet

A Cryptocurrency Miner Found on Internal Kubernetes Cluster

Kubernetes Security Considerations

Authentication

Authorization

Kubelet Security

Managing Secrets

More Kubernetes Security Considerations

Running Containers Securely

Security Context and Policies

Pod Security Standards

Network Security

Auditing and Logging

Kubelet Access Anyone?

Managed Kubernetes in the Cloud

Managed Kubernetes

Google Kubernetes Engine

Amazon Elastic Kubernetes Service

Azure Kubernetes Service

DevSecOps Pipelines