Securing Containers and Kubernetes Ecosystem

Securing Containers and Kubernetes Ecosystem

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 06m | 349 MB


Containers have transformed the way applications are built, deployed, and managed. But it’s only a matter a time before a vulnerability or misconfiguration leads to a newsworthy security breach. Establishing security controls is essential to protect applications being deployed in orchestration systems like Kubernetes. This course explains how to secure containers and the Kubernetes ecosystem using a simple five-factor model. Instructor Sam Sehgal—a security strategist and architect —reviews the containers and Kubernetes technology architecture, the application development and deployment life cycle, as well as the attack surface and vectors. He then introduces his five-factor security model to protect Kubernetes and its components, and shows how to apply security controls to the design and code, images and registries, containers and hosts, applications, and Kubernetes clusters.

Topics include:

  • Defining containers
  • What is Kubernetes?
  • Attack surface and vectors
  • Five security factors
  • Securing containerized app code
  • Securing images
  • Securing hosts and the container working environment
  • Securing apps in Kubernetes
  • Securing Kubernetes clusters


+ Table of Contents

1 Protect your containers and Kubernetes ecosystem
2 What you need to know
3 What are containers
4 Virtualization
5 Isolation and OS security features
6 Container runtime
7 What is Kubernetes
8 Kubernetes master node
9 Kubernetes worker node
10 Overall technology architecture
11 Container deployment and orchestration lifecycle
12 Attack surface and vectors
13 Five factors
14 Secure design before code
15 Secure code
16 Secure container images, part 1
17 Secure container images, part 2
18 Image registries
19 Image registry access control
20 Container working environment
21 Container network security
22 Container port and interface security
23 Host OS protection
24 Securing applications in Kubernetes
25 Access management
26 Authenticating users
27 Authenticating service accounts
28 Authorization
29 Admission control
30 Security context
31 Security policy
32 Kubernetes network security
33 Secrets management
34 Cluster security goals
35 Securing API server traffic
36 Securing cluster components
37 Infrastructure security
38 Logging and monitoring
39 Next steps