OWASP Top 10 for Docker Containers and Kubernetes Security

Focused View

Enes Turan

2:38:11

17 View

01 - Introduction

001 Introduction to OWASP Top 10 for Docker and Kubernetes Security.mp4

04:10

002 Introduction to OWASP Docker Top 10.mp4

05:27

02 - Host OS vulnerabilities

001 Host OS Vulnerabilities.mp4

03:11

002 Remote Code Execution and Reverse Shell Attack Lab.mp4

09:00

003 Remote Code Execution and Reverse Shell Attack Document.html

03 - Insecure Container Images

001 Insecure Container Images.mp4

02:55

002 Command Injection Vulnerability Lab.mp4

08:20

04 - Insecure Container Configurations

001 Insecure Container Configurations.mp4

04:42

002 Insecure Container Configurations Lab.mp4

02:30

05 - Container Escape Vulnerabilities

001 Container Escape Vulnerabilities.mp4

03:42

06 - Inadequate Process Isolation

001 Inadequate Process Isolation.mp4

04:08

002 Cross-Container Compromise with SYS PTRACE Capability Lab.mp4

07:12

003 Cross-Container Compromise with SYS PTRACE Capability Document.html

07 - Inadequate Network Segmentation

001 Inadequate Network Segmentation.mp4

03:35

08 - Inadequate Logging and Monitoring

001 Inadequate Logging and Monitoring.mp4

02:48

09 - Insecure Data Storage in Containers

001 Insecure Data Storage in Containers.mp4

03:55

10 - Mounting Docker Socket

001 Mounting Docker Socket.mp4

02:04

002 Mounting Docker Socket and Remote Code Execution Lab.mp4

03:36

003 Mounting Docker Socket and Remote Code Execution Document.html

11 - Inadequate Resource Limits

001 Inadequate Resource Limits.mp4

03:44

12 - Inadequate Security Controls

001 Inadequate Security Controls and Unauthorized Access.mp4

03:11

002 Inadequate Security Controls Lab.mp4

02:14

003 Inadequate Security Controls Lab 2.mp4

02:08

13 - Introduction to OWASP Kubernetes Top 10

001 Introduction to OWASP Kubernetes Top 10.mp4

06:39

14 - Insecure Workload Configurations

001 Insecure Workload Configurations.mp4

03:50

002 Privileged Container Lab.mp4

08:37

15 - Supply Chain Vulnerabilities

001 Supply Chain Vulnerabilities & SBOMs.mp4

07:10

002 SBOM Lifecycle.mp4

04:11

003 Command Injection Vulnerability with Text for Shell.mp4

16:30

16 - Overly Permissive RBAC Configurations

001 Role-Based Access Control Configurations.mp4

06:04

002 Overly Permissive RBAC Configurations.mp4

05:04

003 Exploiting Overly Permissive Kubernetes RBAC Access to Steal Secrets Lab.mp4

04:59

004 Exploiting Overly Permissive Kubernetes RBAC to Steal Secrets.html

17 - Lack of Centralized Policy Enforcement

001 Lack of Centralized Policy Enforcement.mp4

04:20

18 - Inadequate Logging and Monitoring

001 Inadequate Logging and Monitoring.mp4

08:15

Description

Protect your containers and Kubernetes deployments with OWASP's Top 10 security guidelines

What You'll Learn?

Kubernetes Security Concepts
Technical insight into Kubernetes
Container Internals & Security
Identify and understand the top security risks associated with Kubernetes
How to secure container images and prevent supply chain attacks
Best practices for securing Kubernetes-based systems in production
Gain practical skills through hands-on activities and real-world examples
Common vulnerabilities and exploits, and how they can impact containerized deployments

Who is this for?

Developers who are building containerized applications and want to ensure they are secure

Security researchers who want to gain a deeper understanding of Kubernetes security risks and mitigation techniques

System administrators who are managing Kubernetes clusters and want to implement best security practices

DevOps engineers who are responsible for deploying and managing containerized applications in Kubernetes

IT managers who want to ensure their organization's Kubernetes-based systems are secure and compliant

Anyone interested in learning about Kubernetes security risks and mitigation techniques, regardless of their role or experience level

What You Need to Know?

Basic knowledge of containerization concepts

Familiarity with the command-line interface (CLI) and basic Linux commands

More details

Description
In the world of containerization, Kubernetes has emerged as a powerful platform for managing and deploying software applications. Its popularity has grown tremendously in recent years, but with that comes an increased need for security. This is where the Open Web Application Security Project (OWASP) Kubernetes Top 10 comes in. This course will provide students with a detailed understanding of these risks and how to address them to secure containerized deployments.
Throughout this course, students will gain an in-depth understanding of the most critical security risks associated with Kubernetes. They will learn about common vulnerabilities and exploits, as well as the potential impact of these risks on containerized deployments. From there, students will dive into the essential security measures needed to protect Kubernetes clusters and applications running on them. This includes topics such as access controls, authentication and authorization, network security, and more.
The course is designed to be highly interactive, with plenty of hands-on activities and real-world examples to ensure students gain practical skills that can be applied immediately. By the end of the course, students will have a solid understanding of Kubernetes security risks, the measures necessary to protect against them, and the tools and techniques available to manage security effectively. Whether you are a developer, system administrator, or security professional, this course will provide you with the skills and knowledge needed to secure your containerized deployments.
Who this course is for:
Developers who are building containerized applications and want to ensure they are secure
Security researchers who want to gain a deeper understanding of Kubernetes security risks and mitigation techniques
System administrators who are managing Kubernetes clusters and want to implement best security practices
DevOps engineers who are responsible for deploying and managing containerized applications in Kubernetes
IT managers who want to ensure their organization's Kubernetes-based systems are secure and compliant
Anyone interested in learning about Kubernetes security risks and mitigation techniques, regardless of their role or experience level

User Reviews

Rating

average 0

Total votes0

Focused display

Certified Professional Cloud Architect and Kubernetes enthusiast with several years of experience working with DevOps, container orchestration and platform engineering. He has helped multiple organizations implement DevOps practices and improve the reliability and scalability of their applications on Kubernetes. He also have experience in designing and implementing cloud infrastructure, and have deep understanding of best practices for cloud security, compliance, and governance. He has a strong passion for sharing his knowledge with others and helping them to be successful with DevOps, Kubernetes and Cloud Architecture.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.