log
Informática y software Certificaciones de TI

Comparte si te a gustado:

Facebook Twitter
Certified Kubernetes Security Specialist Masterclass

Publicado en 14 Oct 2024

Udemy UK

What you'll learn

  • Use Network security policies to restrict cluster level access
  • Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)
  • Properly set up Ingress objects with security control
  • Protect node metadata and endpoints
  • Minimize use of, and access to, GUI elements
  • Verify platform binaries before deploying
  • Restrict access to Kubernetes API
  • Use Role Based Access Controls to minimize exposure
  • Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
  • Update Kubernetes frequently
  • Minimize host OS footprint (reduce attack surface)
  • Minimize IAM roles
  • Minimize external access to the network
  • Appropriately use kernel hardening tools such as AppArmor, seccomp
  • Setup appropriate OS level security domains
  • Manage Kubernetes secrets
  • Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)
  • Implement pod to pod encryption by use of mTLS
  • Minimize base image footprint
  • Secure your supply chain: whitelist allowed registries, sign and validate images
  • Use static analysis of user workloads (Kubernetes resources, Docker files)
  • Scan images for known vulnerabilities
  • Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
  • Detect threats within physical infrastructure, apps, networks, data, users and workloads
  • Detect all phases of attack regardless where it occurs and how it spreads
  • Perform deep analytical investigation and identification of bad actors within environment
  • Ensure immutability of containers at runtime
  • Use Audit Logs to monitor access

Requirements

  • Must know the basics of Kubernetes
  • Must have some hands on experience of Kubernetes
  • Ideally CKA or CKAD certified as that is also a prerequisite to take the CKS Exam

Description

Cluster Setup

  1. Use Network security policies to restrict cluster level access

  2. Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)

  3. Properly set up Ingress objects with security control

  4. Protect node metadata and endpoints

  5. Minimize use of, and access to, GUI elements

  6. Verify platform binaries before deploying


Cluster Hardening

  1. Restrict access to Kubernetes API

  2. Use Role Based Access Controls to minimize exposure

  3. Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones

  4. Update Kubernetes frequently


System Hardening

  1. Minimize host OS footprint (reduce attack surface)

  2. Minimize IAM roles

  3. Minimize external access to the network

  4. Appropriately use kernel hardening tools such as AppArmor, seccomp


Minimize Microservice Vulnerabilities

  1. Setup appropriate OS level security domains

  2. Manage Kubernetes secrets

  3. Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)

  4. Implement pod to pod encryption by use of mTLS


Supply Chain Security

  1. Minimize base image footprint

  2. Secure your supply chain: whitelist allowed registries, sign and validate images

  3. Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)

  4. Scan images for known vulnerabilities


Monitoring, Logging and Runtime Security

  1. Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities

  2. Detect threats within physical infrastructure, apps, networks, data, users and workloads

  3. Detect all phases of attack regardless where it occurs and how it spreads

  4. Perform deep analytical investigation and identification of bad actors within environment

  5. Ensure immutability of containers at runtime

  6. Use Audit Logs to monitor access

Who this course is for:

  • Anyone wishing to learn about Kubernetes Security or want to pass the CKS Exam

Debes tener en cuenta que los cupones duran maximo 4 dias o hasta agotar 1000 inscripciones,pero puede vencer en cualquier momento. Obten el curso con cupon haciendo clic en el siguiente boton:

(Cupón válido para las primeras 1000 inscripciones): OCTOBER3
Obtener Cupón Mas Cursos
Udemy UK
Tags:
789 0

Articulos Relacionados

content

Python And Flask Demonstrations Practice Course

This course is a Great Practice to both fundamental python programming concepts and the Flask Framework by demonstration

Ir al Curso
content

CSS And Javascript Crash Course

Learn CSS And JavaScript Programming Language With Practical Interaction

Ir al Curso
content

Python Complete Course For Python Beginners

Python Complete Course For Python Beginners.Learn Python From Beginner To Advanced Level

Ir al Curso
Suscríbete a nuestro boletín
Reciba los últimos Cupones y promociones (Solicitar Cupón)

Usamos cookies en este sitio web para brindarle la mejor experiencia en nuestro sitio y mostrarle anuncios relevantes. Para obtener más información, lea nuestro política de privacidad& política de cookies.