Image Assurance and Runtime Security

Getting full control of your endpoint security, from perimeter to the application and throughout its lifecycle

The Image Assurance and Container Runtime Security workshop will build on your Kubernetes and container skillset and help you complete your journey towards protecting your applications throughout their lifecycle, from build to runtime.
The workshop will take you through a packet walk, from the edge to the app, and highlight what needs to be implemented as you mature on your journey towards modern application building.
We will start by bridging the gap between traditional and modern security principles and show the added benefits of a modern architecture.
We will then review how security can be integrated at the perimeter before sliding left to see the controls available at the cluster and pod levels, and then getting to the checks that need to be implemented at runtime.
The workshop will give you and your team in-depth knowledge, as well as the practical steps and processes needed to reinforce your security posture, identify gaps and report on the security status of your cluster.

Scope

The container security workshop covers the following:

Overview of traditional and modern security needs for protecting containerized workloads from host- and network-based threats
Security Posture - First steps towards your shift left journey and how you can get visibility in your Kubernetes environment
Cluster and Pods - How to secure East/West traffic, investigate suspect inbound traffic, and take a proactive approach to ensure pods are not compromised
Runtime - What is expected container behavior, what is suspicious container activity, and how to create an alert mechanism in the event of an attack

Value

Expand your knowledge on how to extend traditional security principles to Kubernetes-based applications
Strengthen your understanding of the fundamentals of your Kubernetes cluster and container security
Gain in-depth knowledge of the recommended security best practices, architecture principles, application-level controls, and runtime defense covering the lifecycle of your application, along with the relevant alerts and notifications
Practice troubleshooting techniques with our hands-on labs for common use cases
Hands-on labs consisting of troubleshooting walkthroughs and “fix-it-yourself” scenarios

Delivery

Day 1

Introductory session presenting the workshop and gathering specific requirements and areas of interest
Review of traditional security principles and how they extend to Kubernetes clusters and workloads
Review of network security controls available at the perimeter, such as egress gateways, Web Application Firewall, and IDS and IPS, and how to extend them to the workloads

Day 2

Review of cluster and pod security controls
Understanding Deep Packet Inspection
Review of the principles and benefits of a workload-centric Web Application Firewall
Understand Image Assurance
Walk through different troubleshooting scenarios by detecting bad actors within the cluster
Hands-on session starting with the deployment of a test application, then viewing workload-to-workload communication, image controls and alerts
Deploy and enforce policy to prevent bad actors from leveraging Kubernetes' flat architecture for lateral movement of threats

Day 3

Review of container runtime detectors and how they operate
Hands-on session to see how to leverage them in a real-life scenario using alerts and Dynamic Service and Threat Graph
Hands-on session to troubleshoot a sample security policy at runtime using only the command-line interface

Deliverables

Provide course documentation and recording for reference