Actions Panel
Kubernetes Security Masterclass
A hard-core, practical and hands-on view of Kubernetes Security from an attack and defence vantage point
When and where
Date and time
Location
Online
Refund Policy
About this event
Kubernetes Security Masterclass
Dates : Nov 10, 2020 - Nov 13, 2020 (4 hours per day with breaks)
Timings - 9 AM EST to 1 PM EST (every day)
(Access to video recordings and hands on labs post the session would be provided)
Kubernetes has emerged as the leading container orchestration and management platform for on-prem and cloud environments. However, Kubernetes is a multi-headed beast with several minute and nuanced security configuration parameters. In addition, attackers take advantage of these insecurely configured and designed Kubernetes deployments.
This training is a hard-core hands-on view of Kubernetes Security from an Attack and Defense perspective
Introduction to Kubernetes
- Role of Kubernetes in Container Orchestration
- Kubernetes Architecture Deep-Dive
- Setting up a Kubernetes Cluster from scratch
- Exploring the Kubernetes Landscape
- Deploying Services and Applications on Kubernetes Clusters
Kubernetes - Red Team
- Kubernetes Threat Model and its counterpoint in Security Practices
- Kubernetes Trust boundaries & Attack Trees
- Analysis of Common Attack Vectors and patterns
- Attacking Kubernetes Clusters
Kubernetes - Blue Team
- Kubernetes Authentication, Authorization and Admission Control
- Certificate Based Authentication Setup
- Webhook Authentication and Authorization with oAuth and OIDC
- Role Based Access Control (RBAC) Deployment for Kubernetes
- Admission Controllers
- Kubernetes Secrets
- Monitoring Kubernetes Clusters
- Kubernetes API Events Deep-dive and Logging Strategies
- Open Policy Agent(OPA) on Kubernetes Clusters
Kubernetes Network Security
- Network Security Policy
- Service Mesh - Istio
Security Monitoring Kubernetes Clusters
- Kubernetes Vulnerability Assessment and Audit
- Kubernetes Continuous Integration and Continuous deployment
Trainers
Abhay Bhargav (Founder and CTO, we45)
Abhay is a builder and breaker of applications. He is the Chief Architect of “Orchestron", a leading Application Vulnerability Correlation and Orchestration Framework.He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation.In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, namely Containers, Orchestration and Serverless Architectures.
Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA 2019, SHACK and so on.
Nithin Jois (Senior Solutions Engineer, we45)
Nithin is one of the lead trainers at we45 and has helped build Orchestron - A leading Application Vulnerability Correlation and Orchestration Framework. Nithin brings his unique skillsets to training as a Lead Trainer for our Containers, Kubernetes and Serverless Training and DevSecOps training programs.
Nithin has extensive experience with developing Container-Native and Cloud-Native security orchestration solutions, which he uses to train folks on attacking and defending these solutions.
Nithin has trained and delivered talks on these subjects at Black Hat, Code Blue, OWASP App Sec California, LASCON, SANS and several leading industry events.
Frequently Asked Questions
Who should take this course?
- Information Security Professionals
- DevOps Professionals and Enthusiasts
- DevSecOps Professionals and Enthusiasts
- Application Developers and Engineers
- Application Security Professionals
What are the prerequisites for this training?
- Basic Knowledge of the Linux Operating System
- Laptop/Desktop/Tablet Device with updated browser variants (Chrome or Firefox preferred)
- Knowledge of any programming language preferred, but not required
What do I get, when I take this training ?
- Download Access to Course Slides (PDF)
- Access to we45 Lab System for this course for 30 hours during and after the training for upto 60 days after the class
- Access to view the videos from the live online training upto 60 days after the class
- Free Exam Attempt (post training) to achieve Certification for this course
Do you offer bulk discounts or organisation/company discounts?
Email us at training@we45.com OR DM us on Twitter @we45
What our attendees have to say about our trainings