Course Includes:
- Price: FREE
- Enrolled: 11731 students
- Language: English
- Certificate: Yes
Course Folder
What You’ll Learn
- Use Network security policies to restrict cluster level access
- Use CIS benchmark to review the security configuration of Kubernetes components (etcd
- kubelet
- kubedns
- kubeapi)
- Properly set up Ingress objects with security control
- Protect node metadata and endpoints
- Minimize use of
- and access to
- GUI elements
- Verify platform binaries before deploying
- Restrict access to Kubernetes API
- Use Role Based Access Controls to minimize exposure
- Exercise caution in using service accounts e.g. disable defaults
- minimize permissions on newly created ones
- Update Kubernetes frequently
- Minimize host OS footprint (reduce attack surface)
- Minimize IAM roles
- Minimize external access to the network
- Appropriately use kernel hardening tools such as AppArmor
- seccomp
- Setup appropriate OS level security domains
- Manage Kubernetes secrets
- Use container runtime sandboxes in multi-tenant environments (e.g. gvisor
- kata containers)
- Implement pod to pod encryption by use of mTLS
- Minimize base image footprint
- Secure your supply chain: whitelist allowed registries
- sign and validate images
- Use static analysis of user workloads (Kubernetes resources
- Docker files)
- Scan images for known vulnerabilities
- Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
- Detect threats within physical infrastructure
- apps
- networks
- data
- users and workloads
- Detect all phases of attack regardless where it occurs and how it spreads
- Perform deep analytical investigation and identification of bad actors within environment
- Ensure immutability of containers at runtime
- Use Audit Logs to monitor access
Requirements
- Must know the basics of Kubernetes
- Must have some hands on experience of Kubernetes
- Ideally CKA or CKAD certified as that is also a prerequisite to take the CKS Exam
Description
Cluster Setup
Use Network security policies to restrict cluster level access
Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)
Properly set up Ingress objects with security control
Protect node metadata and endpoints
Minimize use of, and access to, GUI elements
Verify platform binaries before deploying
Cluster Hardening
Restrict access to Kubernetes API
Use Role Based Access Controls to minimize exposure
Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
Update Kubernetes frequently
System Hardening
Minimize host OS footprint (reduce attack surface)
Minimize IAM roles
Minimize external access to the network
Appropriately use kernel hardening tools such as AppArmor, seccomp
Minimize Microservice Vulnerabilities
Setup appropriate OS level security domains
Manage Kubernetes secrets
Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)
Implement pod to pod encryption by use of mTLS
Supply Chain Security
Minimize base image footprint
Secure your supply chain: whitelist allowed registries, sign and validate images
Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)
Scan images for known vulnerabilities
Monitoring, Logging and Runtime Security
Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
Detect threats within physical infrastructure, apps, networks, data, users and workloads
Detect all phases of attack regardless where it occurs and how it spreads
Perform deep analytical investigation and identification of bad actors within environment
Ensure immutability of containers at runtime
Use Audit Logs to monitor access
Who this course is for:
- Anyone wishing to learn about Kubernetes Security or want to pass the CKS Exam
Recomended Courses
Robotics and ROS 2 - Learn by Doing! Manipulators
FREE
Build and Control with your voice a Real Robot with ROS2
Enrolled
The Complete Java Course: From Basics to Advanced
FREE
Master Java from Basics to Advanced Topics: Java Basics | OOP | Multithreading | JDBC | Swing | JSP | Servlets
Enrolled
1500 New CompTIA IT Fundamentals ITF+ FC0-U61 Practice Exams
FREE
Master IT Fundamentals: Notation Systems, Data Types, Troubleshooting and More
Enrolled
[NEW] 1500 Master SQL: Interview Questions - Practice Tests
FREE
Comprehensive SQL Training: Joins, Functions, Transactions and More!
Enrolled
7 steps to entrepreneurship: A complete business plan (PRO)
FREE
Do you have a business idea burning bright? Launch it like a pro, from early beginner to experienced CEO.
Enrolled
Project Management: Best Practices From 16 Years Consulting
FREE
Learn How to Increase Your Job Productivity on Projects Without Certification! Use Unique Time Management Techniques.
Enrolled
Ms Azure Administrator Associate - AZ-104 Practice Exam
FREE
Ace The AZ-104 Certification With Real Exam Standard AZ 104 Microsoft Azure Administrator AZ104 Practice Test
Enrolled
The Complete Django Rest Framework Bootcamp 2024 [Latest]
FREE
Master Django Rest Framework in 2024: A Comprehensive Bootcamp for Building Powerful APIs with Python
Enrolled
Construye tu Propio Sistema POS con PHP 8 y MySQL
FREE
aprende el paso a paso de como se contruye un sistemas pos que lo puedes usar para venderlo o para tu uso personal
EnrolledPrevious Courses
AWS Certified Cloud Practitioner
FREE
Master AWS Fundamentals: Start Your Cloud Journey with Confidence
Enrolled
Practical IoT Security and Penetration testing for Beginners
FREE
Learn the Basics of IoT security and penetration testing of IoT devices with hands on course
Enrolled
Python Web Development: Building Interactive Websites
FREE
Python-Powered Web Interactions: Building Dynamic Websites with CSS and JavaScript
Enrolled
English Speaking Fluency: The Ultimate English Course
FREE
English Speaking Skills: A Course in Using Action Words and Stories to Enhance Fluency
Enrolled
Ultimate ISTQB AI Testing Exam Certification 2024
FREE
Unleash Success with Our 6 Elite Practice Tests
Enrolled
FOCP Exam: Dominate with Practice & Expertise (2024 Edition)
FREE
Master Cloud Cost Optimization & Launch Your FinOps Career with Exclusive Practice Tests & In-Depth Explanations
Enrolled
Salesforce Marketing Cloud Consultant Practice Test 2024
FREE
Prepare effectively with 6 full-length practice exams and explanations
Enrolled
Comprehensive ISTQB Foundation Level Exam Certification Prep
FREE
Master the Essentials of Software Testing & Launch Your Career (2024 Update)
Enrolled