Training

Secure Kubernetes Application Delivery

This is a four-day instructor led classroom training course delivered on our behalf by our friends at Control Plane. It is suitable for intermediate to advanced Kubernetes development, operations, and security teams. Operational knowledge of Docker and Kubernetes is a prerequisite. It is particularly beneficial for those operating Kubernetes in a high-compliance domain, and for established security professionals looking to update their skills for the cloud native world.

Course Description

This unique, industry-leading course takes attendees through the architecture, security, and delivery of Kubernetes application pipelines for high compliance organisations, using the best of current and next generation tooling. With a targeted focus on full-stack security testing, enforced governance, and total auditability, attendees can expect to learn how to deploy application, network, and cluster security solutions, and ensure chain of custody for every line of code and dependency deployed to production.

Course Outline

  • Container exploitation by example
  • Kubernetes attack surface
  • Kubernetes deployment pipelines
  • Source control signing and verification
  • Container image vulnerability scanning
  • Circumventing pipeline controls
  • Image signing and Notary
  • Pipeline metadata with Grafeas
  • Supply-chain verification with in-toto
  • Kubernetes & container security testing
  • Secure GitOps deployments
  • Users, identity, and RBAC
  • Runtime security and intrusion detection
  • Network policy and lockdown
  • Service meshes, Istio, and workload identity
  • Advanced container isolation

How To Book

Please get in touch if you’d like to book this course.