Kubernetes Security

Kubernetes Architecture

1
KS – The rise of Docker and the trend of microservices
2
KS – Kubernetes components
3
KS – Kubernetes objects
4
KS – Kubernetes variations
5
KS – Kubernetes and cloud providers

Kubernetes Networking

1
KS – Overview of the Kubernetes network model
2
KS – Communicating inside a pod
3
KS – Communicating between pods
4
KS – Introducing the Kubernetes service
5
KS – Introducing the CNI and CNI plugins

Threat Modeling

1
KS – Introduction to threat modeling
2
KS – Component interactions
3
KS – Threat actors in Kubernetes environments
4
KS – Threats in Kubernetes clusters
5
KS – Threat modeling application in Kubernetes

Applying the Principle of Least Privilege in Kubernetes

1
KS – The principle of least privilege
2
KS – Least privilege of Kubernetes subjects
3
KS – Least privilege for Kubernetes workloads

Configuring Kubernetes Security Boundaries

1
KS – Introduction to security boundaries
2
KS – Security boundaries versus trust boundaries
3
KS – Kubernetes security domains
4
KS – Kubernetes entities as security boundaries
5
KS – Security boundaries in the system layer
6
KS – Security boundaries in the network layer

Securing Cluster Components

1
KS – Securing kube-apiserver
2
KS – Securing kubelet
3
KS – Securing etcd
4
KS – Securing kube-scheduler
5
KS – Securing kube-controller-manager
6
KS – Securing CoreDNS
7
KS – Benchmarking a cluster’s security configuration

Authentication | Authorization and Admission Control

1
KS – Requesting a workflow in Kubernetes
2
KS – Kubernetes authentication
3
KS – Kubernetes authorization
4
KS – Admission controllers
5
KS – Introduction to OPA

Securing Kubernetes Pods

1
KS – Hardening container images
2
KS – Configuring the security attributes of pods
3
KS – The power of PodSecurityPolicy

Image Scanning in DevOps Pipelines

1
KS – Introducing container images and vulnerabilities
2
KS – Scanning images with Anchore Engine
3
KS – Integrating image scanning into the CI/CD pipeline

Real-Time Monitoring and Resource Management of a Kubernetes Cluster

1
KS – Real-time monitoring and management in monolith environments
2
KS – Managing resources in Kubernetes
3
KS – Monitoring resources in Kubernetes

Defense in Depth

1
KS – Introducing Kubernetes auditing
2
KS – Enabling high availability in a Kubernetes cluster
3
KS – Managing secrets with Vault
4
KS – Detecting anomalies with Falco
5
KS – Conducting forensics with Sysdig Inspect and CRIU

Analyzing and Detecting Crypto-Mining Attacks

1
KS – Analyzing crypto-mining attacks
2
KS – Detecting crypto-mining attacks
3
KS – Defending against attacks

Learning from Kubernetes CVEs

1
KS – The path traversal issue in kubectl cp – CVE-2019-11246
2
KS – DoS issues in JSON parsing – CVE-2019-1002100
3
KS – A DoS issue in YAML parsing – CVE-2019-11253
4
KS – The Privilege escalation issue in role parsing – CVE-2019-11247
5
KS – Scanning for known vulnerabilities using kube-hunter

Be the first to add a review.

Please, login to leave a review
Add to Wishlist
Enrolled: 0 students
Lectures: 58

Archive

Working hours

Monday 9:30 am - 6.00 pm
Tuesday 9:30 am - 6.00 pm
Wednesday 9:30 am - 6.00 pm
Thursday 9:30 am - 6.00 pm
Friday 9:30 am - 5.00 pm
Saturday Closed
Sunday Closed
Kubernetes Security
Price:
Free