Live Online training

Intense Introduction to Docker and Kubernetes Security in 4 Hours

Topic: System Administration
Omar Santos

Docker, containers, and Kubernetes have transformed the way we create, deploy, and orchestrate applications on-premises and in the cloud. Yet because these solutions are prone to a number of vulnerabilities and security misconfigurations that lead to significant breaches and security risks, it has become increasingly important that you know how to implement safeguards.

This fast-paced training will teach you the basics of Docker and Kubernetes security. You will learn the various concepts of container security, how to prevent issues related to container supply chain security, and best practices around application isolation and protection. You will also learn about different authentication schemes, key concepts for how to perform logging, and how to audit the Docker platform. This training also covers clear advice on securing Kubernetes deployments, including how to secure the k8s API server, controller manager, scheduler, kubelet, and worker nodes, and how to run etcd safely. You will also learn details about role-based access control (RBAC), securing service accounts, Kubernetes Pod security policies, network policies, and secret management.

What you'll learn and how you can apply it

  • Docker security fundamentals
  • Kubernetes security best practices
  • Application isolation
  • Multi-tenancy isolation
  • Authentication schemes
  • Container supply chain security issues
  • Control plane protection
  • Encryption in Docker and Kubernetes deployments
  • Secret management
  • Linux security modules related to Docker and Kubernetes
  • Docker and Kubernetes security vulnerability management
  • Kubernetes Pod security policies

This training course is for you because...

  • You are a developer, operator, system administrator, network administrator, or IT security professional with a basic understanding of Docker technologies desiring a deep understanding of securing Docker environments at scale in an enterprise environment.
  • You would like to better understand Kubernetes security best practices.
  • You are an ethical hacker, security analyst, or engineer and want to expand your knowledge in modern application security concepts.

Prerequisites

  • Course participants should have a basic understanding of computing and networking concepts.
  • A knowledge of cybersecurity basics. The following books and video courses provide a good overview of cybersecurity fundamentals that are prerequisites for this course:

Course Set-up

The course setup instructions are documented at https://theartofhacking.org/docker-kubernetes

Recommended Preparation

Recommended Follow-up

About your instructor

  • Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives. He is the lead of the DEF CON Red Team Village; the chair of the Common Security Advisory Framework (CSAF) technical committee; the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group; and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.

    Omar is the author of over twenty books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io and you can follow Omar on Twitter @santosomar.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

Introduction to Container security (10 minutes)

Kernel namespaces (10 minutes)

Privileged vs Unprivileged Containers (10 minutes)

Secure computing mode (10 minutes)

Linux security modules (10 minutes)

Break (10 minutes)

Issues related to the container supply chain (10 minutes)

Default and custom network encryption (10 minutes)

Application isolation (10 minutes)

Authentication (10 minutes)

Role Based Access Control vs. discretionary access model (10 minutes)

Break (10 minutes)

Multitenancy isolation (10 minutes)

Known vulnerability audits (10 minutes)

Logging and Auditing the Docker platform (10 minutes)

Introduction to Kubernetes Security (10 minutes)

Control plane protection (10 minutes)

Break (10 minutes)

Securing the kube-apiserver (10 minutes)

Controller manager and scheduler security (10 minutes)

RBAC and Service Accounts (10 minutes)

Pod Security Policies (10 minutes)

Network Policies and CNI (10 minutes)

Secrets Management (10 minutes)