< NULLCON 2025 - GOA />

About The Training


< Training Title />

Blocking the Storm: A Hands-On Guide to Hardening and Securing Kubernetes Clusters

< Training Schedule />

Start Date: Feb 26, 2025

End Date: Feb 28, 2025

< Training Venue />

Venue: TBA

< Training Objectives />

In this training, we will first study attack patterns and offensive tactics in the Kubernetes ecosystem. Using those insights, the focus then shifts to building defenses, hardening, and implementing security best practices across the layers of a Kubernetes cluster. We will leverage a variety of open-source tools and apply battle-tested methods to secure and safeguard cluster environments. We will also replay real-world attacks against the hardened cluster to validate our security measures, demonstrating how the guardrails detect and prevent them. This is a hands-on training focused on hardening and constructing security guardrails at multiple layers of Kubernetes, including native RBAC policies, Network Security Policies (NSP), audit logging, and more advanced tools such as Kyverno, OPA, and eBPF-based utilities like Tetragon.

< Training Level />

Intermediate - Advanced

< Training Outlines />

  • Kubernetes 101: Fast-Track Introduction
  • Introduction to Kubernetes Security Posture Management
  • Understanding the Threat Landscape in Kubernetes Environments
  • Leveraging MITRE ATT&CK Matrix and D3FEND for Kubernetes
  • Threat Modeling Kubernetes and Its Core Components
  • Offensive Tactics in Kubernetes: Real-World Attack Scenarios
  • Analyzing Attack Patterns and Vulnerabilities in Common Kubernetes Setups
  • Layered Security Model for Kubernetes: A Comprehensive Approach
  • Implementing Defense-in-Depth with Kubernetes Native Security Mechanisms (RBAC, NSP, etc.)
  • Establishing Security Guardrails: Automation and Policy Enforcement
  • Policy Enforcement with Open Policy Agent (OPA) and Kyverno
  • Enhancing Supply Chain Security with the SLSA Framework
  • Infrastructure Hardening and Scanning Using Infrastructure-as-Code (IaC) Tools
  • Continuous Improvement through Audit Logging and Monitoring
  • Runtime Security and Detection Engineering with eBPF-Powered Tetragon
  • Validating Security: Testing and Strengthening Defenses
  • Conducting Compliance Audits and Security Benchmarking with CIS Benchmarks and Open-Source Tools (Kubescape, KICS, Checkov, etc.)
  • Further Learning: Resources and References

< WHAT TO BRING? />

  • Laptop with a modern browser and wireless internet connectivity

< Training PREREQUISITE />

  • Ability to use the Linux CLI
  • Basic understanding of containers and Kubernetes
  • Security experience is a plus


< WHO SHOULD ATTEND? />

  • Blue Teams, Defenders, and Security Engineers
  • DevOps, Cloud, SRE, and Platform Teams
  • Security and Solutions Architects, Kubernetes Administrators
  • Anyone Interested in Learning Defensive Strategies for Kubernetes and Containerized Environments

< WHAT TO EXPECT? />

  • Hands-on Expertise in Kubernetes Defense: Students will gain practical, real-world experience in securing Kubernetes environments by implementing hardening techniques, conducting blue team exercises, and performing security assessments to reinforce defense mechanisms against common attacks in containerized environments.
  • Advanced Defense Techniques and Vulnerability Mitigation: The course will teach students how to go beyond basic defenses by using defense-in-depth strategies, mitigating complex attack chains, and addressing security risks such as privilege escalation, lateral movement, persistence, and defense evasion through Kubernetes-native tools and configurations.
  • Comprehensive Defensive Learning Resources: Participants will receive a complete digital guidebook, hands-on labs, and additional resources designed to strengthen their understanding of defensive strategies and enable continued security improvement and study beyond the course.

< WHAT ATTENDEES WILL GET? />

  • Dedicated Kubernetes Cluster Environment: Each participant receives a custom-built Kubernetes cluster to work with throughout the training.
  • Lifetime Access to Lab Files and Setup: Participants will have all lab files and instructions to reproduce the training environment in their own setup, with lifetime access.
  • Comprehensive Step-by-Step Digital Guidebook: A detailed guidebook covering the entire training will be provided for easy reference.
  • 30-Day Access to Private Slack Channel: Participants can join a private Slack channel for 30 days to ask questions and engage in discussions.
  • Kubectl Cheatsheet, Tool Checklist, and Additional Resources: Participants will receive a handy kubectl cheatsheet, a checklist of essential tools, and other valuable resources.

< WHAT NOT TO EXPECT? />

Coverage of the basics listed under the prerequisites: this course assumes a working understanding of the Linux CLI and Kubernetes (k8s).

< About the Trainer />

Madhu Akula is a pragmatic security leader specializing in product security and cloud-native security. He has created several open-source projects, including Kubernetes Goat, Hacker Container, and tldr.run. He is a frequent speaker and trainer at prestigious events and conferences such as DEFCON, Black Hat, SANS, USENIX, OWASP, Nullcon, All Day DevOps, DevSecCon, and many others. His research has uncovered over 200 vulnerabilities in products and organizations, including Google, Microsoft, AT&T, NTOP, Adobe, WordPress, and GitLab. He is the published author of _Security Automation with Ansible 2_ and a technical reviewer for various books and conferences. He actively contributes to communities like All Day DevOps, Snyk, null, AWS, OWASP, and more. Additionally, he advises startups on building exceptional products and communities, helping them add significant value along the way.