Securing Containers and Kubernetes Ecosystem
Overview
Learn best practices and security controls for containers and the Kubernetes ecosystem using a simple five-factor security model.
Containers have transformed the way applications are built, deployed, and managed. But itâs only a matter a time before a vulnerability or misconfiguration leads to a newsworthy security breach. Establishing security controls is essential to protect applications being deployed in orchestration systems like Kubernetes. This course explains how to secure containers and the Kubernetes ecosystem using a simple five-factor model. Instructor Sam Sehgalâa security strategist and architect âreviews the containers and Kubernetes technology architecture, the application development and deployment life cycle, as well as the attack surface and vectors. He then introduces his five-factor security model to protect Kubernetes and its components, and shows how to apply security controls to the design and code, images and registries, containers and hosts, applications, and Kubernetes clusters.
Containers have transformed the way applications are built, deployed, and managed. But itâs only a matter a time before a vulnerability or misconfiguration leads to a newsworthy security breach. Establishing security controls is essential to protect applications being deployed in orchestration systems like Kubernetes. This course explains how to secure containers and the Kubernetes ecosystem using a simple five-factor model. Instructor Sam Sehgalâa security strategist and architect âreviews the containers and Kubernetes technology architecture, the application development and deployment life cycle, as well as the attack surface and vectors. He then introduces his five-factor security model to protect Kubernetes and its components, and shows how to apply security controls to the design and code, images and registries, containers and hosts, applications, and Kubernetes clusters.
Syllabus
Introduction
- Protect your containers and Kubernetes ecosystem
- What you need to know
- What are containers?
- Virtualization
- Isolation and OS security features
- Container runtime
- What is Kubernetes?
- Kubernetes master node
- Kubernetes worker node
- Overall technology architecture
- Container deployment and orchestration lifecycle
- Attack surface and vectors
- Five factors
- Secure design before code
- Secure code
- Secure container images, part 1
- Secure container images, part 2
- Image registries
- Image registry access control
- Container working environment
- Container network security
- Container port and interface security
- Host OS protection
- Securing applications in Kubernetes
- Access management
- Authenticating users
- Authenticating service accounts
- Authorization
- Admission control
- Security context
- Security policy
- Kubernetes network security
- Secrets management
- Cluster security goals
- Securing API server traffic
- Securing cluster components
- Infrastructure security
- Logging and monitoring
- Next steps
Taught by
Sam Sehgal
Never Stop Learning!
