Description
Certified Kubernetes Security Specialist Masterclass course.
Cluster setup
- Use network security policies to restrict access at the cluster level
- Use the CIS benchmark to check the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi).
- Configure Ingress objects with security controls properly
- Protect Metadata
- Minimize the use and access to GUI elements
- Check the platform before doing any deployment
Increased cluster security
- Restrict access to the Kubernetes API
- Use role-based access controls to minimize security vulnerabilities
- Use caution when using service accounts, for example, disable defaults, minimize newly created permissions.
- Update Kubernetes regularly
Increase system security
- Minimize IAM roles
- Minimize external network access
- Use kernel security enhancement tools like AppArmor, seccomp properly
Minimize Microservice Vulnerabilities
- Set the appropriate security domains at the operating system level
- Manage Kubernetes secrets
- Using container runtime sandtime boxes in multi-tenant environments (eg gvisor, kata containers)
- Implement pod-to-pod encryption using mTLS
Supply Chain Security
- Reduce the Base Image footprint as much as possible
- Secure your supply chain: whitelist authorized registries, sign and verify images
- Using static analysis of user workloads (e.g. Kubernetes resources, Docker files)
- Scan images for known vulnerabilities
Monitoring, Logging and Runtime Security
- Conduct behavioral analysis of process and syscall file activities at the host and container level to identify malicious activities
- Identify threats to physical infrastructure, applications, networks, data, users, and workloads
- Detect all stages of an attack regardless of where it occurs and how it spreads
- Conduct in-depth analytical research and identify risks in the environment
- Ensure immutability of containers at runtime
- Use audit logs to monitor access
What you will learn in the Certified Kubernetes Security Specialist Masterclass course
- Use network security policies to restrict access at the cluster level
- Use the CIS benchmark to check the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi).
- Configure Ingress objects with security controls properly
- Protect metadata
- Minimize the use and access to GUI elements
- Check the platform before doing any deployment
- Restrict access to the Kubernetes API
- Use role-based access controls to minimize security vulnerabilities
- Use caution when using service accounts, eg disable defaults, minimize newly created permissions.
- Update Kubernetes regularly
- Minimizing the footprint of the host operating system (reducing the attack surface)
- Minimize IAM roles
- Minimize external network access
- Use kernel security enhancement tools like AppArmor, seccomp properly
- And …
This course is suitable for people who
- Anyone who wants to learn about Kubernetes security or wants to pass the CKS exam
Specifications of the Certified Kubernetes Security Specialist Masterclass course
- Publisher: Udemy
- teacher: Deepak Dubey
- Training level: beginner to advanced
- Training duration: 9 hours and 22 minutes
- Number of courses: 49
Course headings
Prerequisites of the Certified Kubernetes Security Specialist Masterclass course
- Must know the basics of Kubernetes
- Must have some hands on experience of Kubernetes
- Ideally CKA or CKAD certified as that is also a prerequisite to take the CKS Exam
Course images
Sample video of the course
Installation guide
After Extract, view with your favorite Player.
Subtitle: None
Quality: 720p
download link
File(s) password: www.downloadly.ir
Size
4.2 GB
Be the first to comment