Understanding syscall behavioral analysis - Kubernetes Tutorial

Contents

• Introduction Introduction

  • Certified Kubernetes Security Specialist (CKS): Introduction

    2m 37s
• 1. Getting CKS Certified 1. Getting CKS Certified

  • (Locked)
    Module 1: Preparing for the CKS exam introduction

    1m 20s
  • (Locked)
    Learning objectives

    42s
  • (Locked)
    CKS certification requirements

    10m 14s
  • (Locked)
    Resources and study tools

    6m 23s
  • Practice strategy

    10m 22s
  • (Locked)
    Creating a study timeline and expectations

    7m 17s
• 2. Building Your K8s Home Lab 2. Building Your K8s Home Lab

  • (Locked)
    Learning objectives

    44s
  • (Locked)
    Lab environment and architecture

    9m 21s
  • (Locked)
    Local installation

    5m 2s
  • (Locked)
    Cloud installation

    12m 20s
  • (Locked)
    Your cluster up and running

    15m 14s
• 3. Kubernetes Security Foundation 3. Kubernetes Security Foundation

  • (Locked)
    Learning objectives

    55s
  • (Locked)
    Cloud native security

    9m 3s
  • (Locked)
    Kubernetes architecture

    8m 59s
  • (Locked)
    Kubernetes PKI architecture

    5m 4s
  • Threat modeling K8s

    5m 17s
  • (Locked)
    Real world K8s hacks

    6m 54s
  • (Locked)
    OWASP kubernetes top 10

    6m 14s
• 4. Network Security Policies 4. Network Security Policies

  • (Locked)
    Module 2: Kubernetes cluster setup introduction

    39s
  • (Locked)
    Learning objectives

    50s
  • (Locked)
    Network security overview

    9m 44s
  • Pod communication policies

    11m 47s
  • (Locked)
    Segmentation

    22m 27s
• 5. CIS Benchmark Review of Kubernetes Components 5. CIS Benchmark Review of Kubernetes Components

  • (Locked)
    Learning objectives

    59s
  • (Locked)
    CIS benchmarks for Kubernetes

    2m 34s
  • (Locked)
    Install kube-bench

    3m 50s
  • (Locked)
    Checking compliance with kube-bench

    4m 26s
• 6. Properly Set Up Ingress with TLS 6. Properly Set Up Ingress with TLS

  • (Locked)
    Learning objectives

    59s
  • (Locked)
    Understanding ingress

    3m 14s
  • (Locked)
    Creating ingress objects

    6m 48s
  • (Locked)
    Ingress security options

    8m 51s
  • (Locked)
    Testing ingress access

    7m 22s
• 7. Protect Node Metadata and Endpoints 7. Protect Node Metadata and Endpoints

  • (Locked)
    Learning objectives

    1m 13s
  • Understanding kubelet

    7m 14s
  • (Locked)
    Network policies

    8m 16s
  • (Locked)
    Node metadata protection

    13m 18s
  • (Locked)
    Implement kubelet authentication

    8m 53s
  • (Locked)
    Test kubelet and node metadata security

    7m 52s
• 8. Kubernetes Dashboard Security 8. Kubernetes Dashboard Security

  • (Locked)
    Learning objectives

    55s
  • (Locked)
    K8s dashboard architecture

    5m 30s
  • (Locked)
    Dashboard installation

    11m 30s
  • (Locked)
    Role-based access control (RBAC)

    7m 11s
• 9. Verify Platform Binaries Before Deploying 9. Verify Platform Binaries Before Deploying

  • (Locked)
    Learning objectives

    1m 9s
  • (Locked)
    Understanding platform binary integrity

    5m 15s
  • (Locked)
    Download the latest Kubernetes release

    2m 11s
  • Verify binary checksum

    6m 54s
• 10. Restrict Access to Kubernetes API 10. Restrict Access to Kubernetes API

  • (Locked)
    Module 3: Cluster hardening introduction

    37s
  • (Locked)
    Learning objectives

    33s
  • (Locked)
    Kubernetes API fundamentals

    6m 31s
  • (Locked)
    Kubernetes access control

    10m 44s
  • (Locked)
    API server configuration

    11m 38s
  • (Locked)
    API server hardening

    13m 6s
  • (Locked)
    Verify access control policies

    13m 37s
• 11. Role Based Access Control (RBAC) 11. Role Based Access Control (RBAC)

  • (Locked)
    Learning objectives

    43s
  • (Locked)
    Understanding Kubernetes RBAC

    8m
  • (Locked)
    Creating a user account

    6m 10s
  • Applying roles to a user

    9m 49s
  • (Locked)
    Configuring and binding cluster roles

    5m 21s
  • (Locked)
    Verifying role rules

    9m 35s
• 12. Protecting Service Accounts 12. Protecting Service Accounts

  • (Locked)
    Learning objectives

    47s
  • (Locked)
    Understanding service accounts

    3m 36s
  • (Locked)
    Creating a service account

    6m 8s
  • (Locked)
    Disable default settings

    8m 41s
  • (Locked)
    Verify service account permissions

    4m 48s
• 13. Upgrade Kubernetes to Avoid Vulnerabilities 13. Upgrade Kubernetes to Avoid Vulnerabilities

  • (Locked)
    Learning objectives

    45s
  • (Locked)
    Kubernetes update process

    4m 55s
  • (Locked)
    Plan upgrade process

    5m 49s
  • Upgrade components and test

    13m 13s
• 14. Minimize Host OS Footprint 14. Minimize Host OS Footprint

  • (Locked)
    Module 4: System hardening introduction

    42s
  • (Locked)
    Learning objectives

    32s
  • (Locked)
    Host hardening

    11m 19s
  • (Locked)
    Remove unneeded services

    8m 29s
  • (Locked)
    Log system activities

    11m 35s
  • (Locked)
    Limit access

    9m 1s
• 15. Minimize External Access to the Network 15. Minimize External Access to the Network

  • (Locked)
    Learning objectives

    39s
  • (Locked)
    Understanding external access to Kubernetes

    3m 30s
  • (Locked)
    Finding open ports

    7m 1s
  • (Locked)
    Host firewall configuration

    5m 40s
  • (Locked)
    Test host firewall

    5m 53s
• 16. Kernel Hardening 16. Kernel Hardening

  • (Locked)
    Learning objectives

    39s
  • (Locked)
    Understanding kernel threats

    6m 52s
  • Using seccomp

    18m 5s
  • (Locked)
    Using AppArmor

    9m 3s
  • (Locked)
    Testing kernel security

    13m 24s
• 17. Use Least Privilege IAM 17. Use Least Privilege IAM

  • (Locked)
    Learning objectives

    37s
  • (Locked)
    Principle of least privilege

    5m 36s
  • (Locked)
    Host-based IAM

    8m 36s
  • (Locked)
    Restricting user privileges

    9m 49s
  • (Locked)
    Controlling file access and user logging

    7m 42s
  • (Locked)
    Understanding cloud RBAC

    3m 35s
• 18. Use Appropriate Pod Security Standards 18. Use Appropriate Pod Security Standards

  • (Locked)
    Module 5: Minimize microservice vulnerabilities introduction

    48s
  • (Locked)
    Learning objectives

    50s
  • Understanding pod security

    16m 9s
  • (Locked)
    Configure security contexts

    17m 12s
  • (Locked)
    Pod security admission

    7m 22s
  • (Locked)
    OPA gatekeeper

    13m 48s
• 19. Managing Kubernetes Secrets 19. Managing Kubernetes Secrets

  • (Locked)
    Learning objectives

    41s
  • (Locked)
    Understanding Kubernetes secrets

    3m 35s
  • (Locked)
    Creating and using a secret

    6m 32s
  • (Locked)
    Using secrets in pods

    3m 21s
  • (Locked)
    Encrypting secrets at rest

    11m 47s
• 20. Implement Container Isolation Techniques 20. Implement Container Isolation Techniques

  • (Locked)
    Learning objectives

    37s
  • (Locked)
    Containing containers

    5m 44s
  • (Locked)
    Sandboxed pods

    15m 27s
  • (Locked)
    Using qVisor

    8m 16s
  • (Locked)
    Using Kata containers

    8m 59s
• 21. Implement Pod-to-Pod Encryption with Cilium 21. Implement Pod-to-Pod Encryption with Cilium

  • (Locked)
    Learning objectives

    40s
  • (Locked)
    Introduction to Cilium and mTLS

    6m 16s
  • (Locked)
    Using Cilium for pod-to-pod encryption

    16m 19s
  • (Locked)
    Deploying and verifying mTLS with Cilium

    10m 8s
• 22. Secure Your Software Supply Chain 22. Secure Your Software Supply Chain

  • (Locked)
    Module 6: Software supply chain security introduction

    40s
  • (Locked)
    Learning objectives

    35s
  • (Locked)
    Software supply chain risks

    9m 25s
  • (Locked)
    Protect image registry access

    5m 36s
  • (Locked)
    Require signed images

    14m 22s
  • (Locked)
    Policy enforcement: Image policy webhook

    21m 28s
  • (Locked)
    Policy enforcement: Validating admission policy

    8m 55s
• 23. Static Analysis of Workloads and Containers 23. Static Analysis of Workloads and Containers

  • (Locked)
    Learning objectives

    39s
  • (Locked)
    Static analysis fundamentals

    6m 11s
  • (Locked)
    Scan manifests for vulnerabilities with kube-linter

    4m 35s
  • (Locked)
    Scanning for cluster vulnerabilities

    4m 43s
• 24. Minimize Base Image Footprint 24. Minimize Base Image Footprint

  • (Locked)
    Learning objectives

    31s
  • Understanding container images

    8m 57s
  • (Locked)
    Use image creation good practices

    7m 4s
  • (Locked)
    Reduce image attack surface

    6m 1s
• 25. Scan Images for Known Vulnerabilities 25. Scan Images for Known Vulnerabilities

  • (Locked)
    Learning objectives

    50s
  • (Locked)
    Scanning for vulnerable images

    4m 39s
  • (Locked)
    Using Trivy to identify vulnerable containers

    7m 59s
  • (Locked)
    Using the Trivy operator

    10m 45s
  • (Locked)
    Using Trivy and Kyverno for SBOM attestation

    12m 6s
• 26. Ensure Immutability of Containers at Runtime 26. Ensure Immutability of Containers at Runtime

  • (Locked)
    Module 7: Monitoring, logging, and runtime security introduction

    41s
  • (Locked)
    Learning objectives

    48s
  • (Locked)
    Understanding immutability

    6m 2s
  • (Locked)
    Read only filesystem

    5m 34s
  • (Locked)
    Policy enforcement with VAP

    8m 36s
• 27. Use Kubernetes Audit Logs to Monitor Access 27. Use Kubernetes Audit Logs to Monitor Access

  • (Locked)
    Learning objectives

    37s
  • (Locked)
    Auditing in Kubernetes

    7m 44s
  • (Locked)
    Define an audit policy

    12m 56s
  • (Locked)
    Event batching and tuning

    3m 3s
  • (Locked)
    Configure backend log storage

    7m 14s
• 28. Detect Malicious Activity, Threats, and Attacks 28. Detect Malicious Activity, Threats, and Attacks

  • (Locked)
    Learning objectives

    47s
  • (Locked)
    Understanding syscall behavioral analysis

    12m 28s
  • (Locked)
    Using Falco for threat detection

    7m 14s
  • (Locked)
    Falco host installation

    14m
  • (Locked)
    Falco Kubernetes installation

    13m 51s
  • (Locked)
    Falco configuration and rules

    7m 42s
  • (Locked)
    Falco custom rules in action

    19m 17s
• 29. Investigate and Identify Signs of Compromise 29. Investigate and Identify Signs of Compromise

  • (Locked)
    Learning objectives

    35s
  • (Locked)
    MITRE ATT&CK® framework

    11m 39s
  • (Locked)
    Security event log review

    4m 28s
  • Gathering evidence of compromise

    11m 23s
  • (Locked)
    Practicing Kubernetes security

    8m 9s
• 30. CKS Practice Exam 1 30. CKS Practice Exam 1

  • (Locked)
    Module 8: Exam practice scenarios introduction

    42s
  • (Locked)
    Learning objectives

    52s
  • (Locked)
    Securing Kubernetes API access

    12m 37s
  • (Locked)
    Implementing pod security standards (PSS)

    11m 43s
  • (Locked)
    Enforcing network policies for pod communication

    12m 27s
  • (Locked)
    Restricting image registries

    11m 7s
  • (Locked)
    Configuring secret encryption

    12m 32s
• 31. CKS Practice Exam 2 31. CKS Practice Exam 2

  • (Locked)
    Learning objectives

    57s
  • (Locked)
    Container runtime security

    11m
  • (Locked)
    Detecting malicious behavior using Falco

    17m 9s
  • (Locked)
    Enforcing network encryption

    11m 16s
  • (Locked)
    Secure ingress via TLS

    13m 7s
  • (Locked)
    Detecting and mitigating security vulnerabilities

    15m 37s
• Summary Summary

  • (Locked)
    Certified Kubernetes Security Specialist (CKS): Summary

    1m 42s