Course Summary
Container Security Expert is the training program for professionals tasked with securing the container environment. The course allows you to get hands-on experience as you work with live containers in our lab, gaining significant insights that will arm you to secure a containerized platform in any environment.
You will gain skills like:
• Understanding container security principles and the unique challenges associated with containerized environments.
• Implementing best practices for securing Docker containers, including image hardening and vulnerability management.
• Configuring container orchestration platforms (e.g., Kubernetes, Docker Swarm) securely with role-based access control (RBAC) and network policies.
• Implementing container runtime security measures such as container isolation, least privilege access, and runtime monitoring.
• Integrating container security into the CI/CD pipeline, including automated security testing and scanning of container images.
Module 1: Introduction to Containers
• What is a container?
• Basics of a container and its challenges
• Container vs. Virtualization
• Container Advantages
• Container Disadvantages
• Container fundamentals
• Namespaces
• Cgroup
• Capabilities
• Docker architecture and its components
• Docker CLI
• Docker Engine (Daemon, API)
• Docker Runtime (containerd, shim, runc)
• Interacting with container ecosystem
• Docker images and image layers
• Build Container images using Dockerfile
• Docker image repository
• Running a container
• Managing / Orchestrating multiple containers
• Using CLI/API to manage multiple containers
• Docker Compose
• Docker Swarm
• Kubernetes
• Docker alternatives
• Podman
• CRI-O
Module 2: Container Reconnaissance
• Overview of Container Security
• Attack surface of the container ecosystem
• Identifying the components and their security state
• Get an inventory of containers
• Docker Images
• Dockerfile and Environment variables
• Docker volumes
• Docker Networking
• Ports used/Port forwarding
• Docker Registries
• Exhaustive review of Namespaces, cgroups and capabilities
• Analysis of the attack surface
• Using native tools
• Using third-party tools
Module 3: Attacking Containers and Containerized Apps
• Containers Attack Matrix
• Image-based attacks
• Malicious Images
• Extracting passwords, tokens, TLS certs, etc.
• Exploiting vulnerable components
• Registry-based attacks
• Insecure Docker registries
• Open Docker registries
• Lack of authorization (RBAC)
• Container-based attacks
• Manipulating privileged-mode containers
• Attacking mounted docker volumes
• Abusing SetUID/SetGID binaries
• Exploiting shared namespaces
• Attacking Linux capabilities
• Docker host (Daemon) / kernel attacks
• Exploiting unauthenticated Docker API
• Insecure Docker endpoint
• Lack of network segregation
• Denial of service attacks
• Kernel exploits
• Privilege escalation methods in Docker
• Security misconfigurations
• Attacking management tools (Portainer)
• Exploiting OWASP Top 10 issues in containerized apps
Module 4: Defending Containers and Containerized Apps on Scale
• Container image security
• Building secure container images
• Choosing base images
• Distroless images
• Scratch images
• Security Linting of Dockerfiles
• Static Analysis (SCA) of container images
• Scan for vulnerabilities in containers
• Choosing the right container scanner tool for your needs
• Docker Daemon security configurations
• Docker user remapping
• Docker runtime security (gVisor, Kata)
• Docker socket configuration
• fd
• TCP socket
• TLS authentication
• Dynamic Analysis of the container hosts and daemons
• Docker host security configurations
• Kernel Hardening using Seccomp and AppArmor
• Custom policy creation using Seccomp and AppArmor
• Network Security in containers
• Segregating networks
• Misc Docker Security Configurations
• Content Trust and Integrity checks
• Docker Registry security configurations
• Private vs. Public Registries
• Authentication and Authorization (RBAC)
• Built-in Image scanning capabilities
• Policy enforcement
• DevOps CI/CD Integration
• Docker Tools, Techniques and Tactics
• Tools
• Dive (Forensic)
• Dockle
• Techniques
• Tactics
Module 5: Security Monitoring of Containers
• Monitoring Docker events, logs
• Incident response in containers
• Docker runtime prevention
• Policy creation, enforcement, and management
• Docker security monitoring using Wazuh