Kubernetes is a non-secure by default container-orchestration system which is becoming the industry need-to-know platform for any professional working with cloud applications and containers. This 2-days course provides practical real world techniques to assess the security posture of Kubernetes clusters and how to protect them. By the end of the course participants will have the knowledge and resources to fortify Kubernetes clusters with confidence. All code, slides, tools and configuration along with auxiliary scripts will be provided.


This course will start with a quick review of the Linux and Docker containers security fundamentals. Then we will move to the Kubernetes world, starting with the essentials to understand its architecture and default configuration. After that we will go through attacking a vulnerable application, escalating, moving laterally and taking complete control of the cluster and the infrastructure beyond Kubernetes.

Next there will be more attacks from different threat actors on the platform like malicious containers and/or malicious operators. The course will transition on to how to protect Kubernetes clusters, starting with controls that can be leveraged from the standard Kubernetes capabilities, more advanced features and also extending the hardening with additional open source tools and other complementary processes.

The course has core modules as well as some bonus content that will be covered if there is time. These extra modules focus in areas like container runtime sandboxing, early prevention of misconfiguration leveraging policy-as-code as well as HSM integrations.

Key takeaways:
- Learn and understand Kubernetes essentials and security
- How to detect and prevent vulnerable application and escalation paths
- Learn how an attacker can leverage default security capabilities in Kubernetes and how to properly protect against this
- Enablement of advanced Kubernetes security tools