In this self-paced tutorial, you will learn the basics of Kubernetes security and the fundamental attack vectors you need to guard against. The course highlights some of the vital security features and hardening techniques developers should know before deploying applications in Kubernetes. Furthermore, this course will help you effectively communicate essential security information to operations and security teams.
By the end of this lab, you should be able to:
- Identify flawed packages and dependencies
- Select a hardened and updateable base image for your application
- Recognize the fundamental Kubernetes objects needed to deploy your application safely
- Explain the security features related to said Kubernetes objects
- Communicate the core security requirements of your containerized application
- Overview: Understand the background necessary to take this course effectively
- Setup: Create a development environment to evaluate and tune a basic application
- Understanding an Applications Attack Surface: Review all of the core Kubernetes objects, the various threats external actors can utilize, and understand what steps will mitigate the applications attack surface.
- Harden the Application: Apply the core security concepts above to a simple application and deploy it in Kubernetes.