Container and Kubernetes Security Workshop

A practical Hands-On Workshop for Linux, Container and Kubernetes Security.

Prerequisites

• A Linux OS or VM (Ubuntu preferred) with Root access
• Installed Container Runtime (Docker preferred)
• Access to a Kubernetes Cluster with kubectl installed

🐧 Linux Security Basics for Containers

Basics

• 🐧 Linux File Permissions Labs
• 🐧 Linux Namespaces Labs
• 🐧 Linux Capabilities Labs
• 🚧 Linux Control Groups (cgroups) Labs

Advanced

• 🚧 Linux AppArmor Labs
• 🚧 Linux SELinux Labs
• 🚧 Linux Seccomp Labs

Logging and Monitoring

• 🐧 Linux System Logging Labs
• 🐧 Linux System Monitoring Labs

🐳 Container Security

Basics

• Basic Container Security Labs
• 🐳 Build Container Container Image Labs

Advanced

• 🐳 Docker Linux Capabilities Labs
• 🐳 Container Image Scanning Labs
• 🐳 Docker Static Security Testing Labs

Hacking

• 🐳 Docker Container Escaping Labs

☸️ Kubernetes Security

Basics

• ☸️ Basic Kubernetes Security Labs

Advanced

• ☸️ Kubernetes RBAC Labs
• ☸️ Kubernetes Pod Security Context Labs
• ☸️ Kubernetes Pod Security Admission Labs
• ☸️ Kubernetes Network Policies Labs
• ☸️ Kubernetes Static Security Testing Labs

Hacking and Runtime Security

• ☸️ Kubernetes Container Escaping Labs
• ☸️ Kubernetes Runtime Security with Falco Labs

🔐 Secrets Management

Basics

• 🔐 Kubernetes Secrets Basics Labs

Advanced

• 🔐 Kubernetes Secrets Are Not Encrypted Labs
• 🔐 Kubernetes Secrets Encrypted At Rest Labs
• 🔐 Kubernetes Secrets with HashiCorp Vault Labs

📚 Further Resources

• Kubernetes Authorization (RBAC)
• Helpful Tools for Container & K8s Security
• List of Further Resources