This is a four-day instructor led classroom training course delivered on our behalf by our friends at Control Plane. It is suitable for intermediate to advanced Kubernetes development, operations, and security teams. Operational knowledge of Docker and Kubernetes is a prerequisite. It is particularly beneficial for those operating Kubernetes in a high-compliance domain, and for established security professionals looking to update their skills for the cloud native world.
This unique, industry-leading course takes attendees through the architecture, security, and delivery of Kubernetes application pipelines for high compliance organisations, using the best of current and next generation tooling. With a targeted focus on full-stack security testing, enforced governance, and total auditability, attendees can expect to learn how to deploy application, network, and cluster security solutions, and ensure chain of custody for every line of code and dependency deployed to production.
- Container exploitation by example
- Kubernetes attack surface
- Kubernetes deployment pipelines
- Source control signing and verification
- Container image vulnerability scanning
- Circumventing pipeline controls
- Image signing and Notary
- Pipeline metadata with Grafeas
- Supply-chain verification with in-toto
- Kubernetes & container security testing
- Secure GitOps deployments
- Users, identity, and RBAC
- Runtime security and intrusion detection
- Network policy and lockdown
- Service meshes, Istio, and workload identity
- Advanced container isolation
How to Book
Please get in touch if you'd like to book this course.