Training Component Soft

Training goals dlearning

code: KBS-302

This 2-day long training introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with 6 main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, supply chain security as well as monitoring, logging, and runtime security.

This course does not only prepare delegates for the daily security administration of Kubernetes-based systems but also for the official Certified Kubernetes Security Specialist (CKS) exam of the Cloud Native Computing Foundation (CNCF).

Structure: 50% theory 50% hands on lab exercises.

Target audience: Kubernetes administrators who participated on one of our Kubernetes administration trainings or have a Certified Kubernetes Administrator (CKA) certifiction and want to learn about securing Kubernetes based systems and container-based applications.

 

Conspect Show list

  • Module 1: User and authorization management
    • Users and service accounts in Kubernetes
    • Authenticating users
    • Managing authorizations with RBAC
  • Module 2: Supply chain security
    • Vulnerability checking for images
    • Image validation in Kubernetes
    • Reducing image footprint
    • Secure image registries
  • Module 3: Validating cluster setup and penetration testing
    • Use CIS benchmark to review the security configuration of Kubernetes components
    • Modify the cluster components’ configuration to match the CIS Benchmark
    • Penetration testing Kubernetes for known vulnerabilities
  • Module 4: System hardening
    • Use kernel hardening tools
    • Setup appropriate OS level security domains
    • Container runtime sandboxes
    • Limit network access
  • Module 5: Monitoring and logging
    • Configure Kubernetes audit logs
    • Configure Audit Policies
    • Monitor applications behavior with Falco
Download conspect training as PDF

Additional information

Prerequisites

Linux container (e.g. Docker) and Kubernetes admin. skills, for instance by participating on our Docker and Kubernetes administration courses.
Difficulty level
Duration 2 days
Certificate

The participants will obtain certificates signed by Component Soft (course completion).
Trainer

Authorized Component Soft Trainer.

Other training Component Soft | Cloud-Native (Kubernetes)

Component Soft show more courses
Training thematically related

Cloud

Infinity Specializations | Check Point

Cloud-Native (Kubernetes) | Component Soft

OpenStack | Component Soft

Cloud Essentials | CompTIA

Cloud+ | CompTIA

Google Business and Management | Google Cloud

Fundamentals Courses | Google Cloud

Cloud Infrastructure | Google Cloud

Networking and Security | Google Cloud

Application modernization | Google Cloud

Data Analysis | Google Cloud

Data Engineering | Google Cloud

AI and Machine Learning | Google Cloud

Contact Center Engineer | Google Cloud

Azure | Microsoft

Windows Server Technologies | Microsoft

Cloud Workshop | Microsoft

Microsoft AI | Microsoft

Data Platform | Microsoft

Security | Microsoft

Cloud Security | Mile2

Cloud | SCADEMY

Kubernetes | SUSE

Kubernetes | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Bundle (e-learning + exam) | The Linux Foundation

DevOps

Cloudera Administrator | Cloudera

Cloudera Data Analyst | Cloudera

Cloudera Data Developer | Cloudera

Cloud-Native (Kubernetes) | Component Soft

OpenStack | Component Soft

DevOps | DevOps Institute

DevSecOps | DevOps Institute

Site Reliability Engineering | DevOps Institute

AIOps | DevOps Institute

Value Stream Management | DevOps Institute

Agile Service Manager | DevOps Institute

CI/CD | DevOps Institute

Observability | DevOps Institute

Fundamentals Courses | Google Cloud

Cloud Infrastructure | Google Cloud

Networking and Security | Google Cloud

Application modernization | Google Cloud

Data Analysis | Google Cloud

Data Engineering | Google Cloud

Contact Center Engineer | Google Cloud

Azure | Microsoft

Cloud Workshop | Microsoft

Kubernetes | SUSE

Kubernetes | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Bundle (e-learning + exam) | The Linux Foundation

Open Source

Cloud-Native (Kubernetes) | Component Soft

OpenStack | Component Soft

Enterprise Linux | SUSE

SAP Solutions | SUSE

SUSE Manager | SUSE

Kubernetes | SUSE

Linux | The Linux Foundation

Embedded Linux | The Linux Foundation

Kubernetes | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Bundle (e-learning + exam) | The Linux Foundation

Contact form

Please fill form below to obtain more info about this training.






* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

800 EUR

FORM OF TRAINING ?

 

TRAINING MATERIALS ?

 

SELECT TRAINING DATE

    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
Book a training appointment
close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

close

Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.