Instructor Led Training

Kubernetes Security Masterclass

In a containerized app economy, software operates less like a giant ship and more like a whole fleet of smaller vessels. Kubernetes is the captain in charge of them all. But the inherent complexity of Kubernetes can make it challenging to secure.



Kubernetes security spans various disciplines from access control and cryptography, to network security and threat modeling. Gain mastery over the tech that's shaping thousands of businesses worldwide.

Course Overview

8 Hours
32 Lessons
14 Cloud Labs
Ideal for: Security Engineer  /  Product Security Teams

Kubernetes has emerged as the leading container orchestration and management platform for on-prem and cloud environments. However, Kubernetes is a multi-headed beast with several minute and nuanced security configuration parameters. In addition, attackers take advantage of these insecurely configured and designed Kubernetes deployments and perform deep-incursions into the organization’s assets. This training is a hard-core hands-on view of Kubernetes Security from an Attack and Defense perspective.



The course takes the participants through a journey where they start with setting up a Kubernetes cluster (simulating an on-prem Kubernetes) deployment, attack the cluster and learn, through multiple deep-dive examples and cookbooks on how they can effectively secure Kubernetes clusters. The course is aimed at providing a view of attacking, auditing and defending Kubernetes clusters on-prem or on the cloud.

Know your trainer

Abhay Bhargav

CHief RESEARCH OFFICER, AppSecEngineer
Abhay started his career as a breaker of apps, in pentesting and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOpsHe has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook.Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His training programs have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on. He's authored two international publications on Java Security and PCI Compliance as well.

Benefits as an enterprise

Acquire advanced skills in large-scale & complex container deployments using Kubernetes.

Learn common attack patterns against Kubernetes clusters, misconfigurations, and components.

Implement granular security controls across your deployments & manage Kubernetes policies.

Configuring AuthN & AuthZ, secrets management, and monitoring Kubernetes clusters.

What Your Team Will Learn

Attack Kubernetes clusters & components

RBAC, AuthN, AuthZ, and Secrets

Service Mesh, Kubernetes policies and Network security, logging & monitoring

Learn best with 3000+ labs modeled after real-world security scenarios

Crafted on Real-world training for product security teams

Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.

Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.

Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.

Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.

Explore Hands on Labs

Prerequisites

Knowledge base

Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial

Device requirements

For a optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.

Minimum number of applicants

10

Talk to us

Testimonials

I found these courses to be pretty comprehensive and practically oriented. From dissecting common threat vectors to writing abuser stories, it had a lot of useful takeaways by the end.

DevOps Engineer at Streaming Services Provider

WORLD'S LARGEST SPORTS EQUIPMENT MANUFACTURER
Threat modeling has always been a bit elusive for my team, but these courses made it all click. The step-by-step breakdown of threat modeling concepts and integrating them into a DevSecOps pipeline gave us some solid, actionable learnings.

Developer at SaaS Company

DEFENSE INDUSTRY
“Threat modeling is seriously underrated compared to other security activities that have more visible impact. Fact of the matter is, if you can anticipate and build around potential threats to your software, that’s going to make a much bigger difference than if you set up a million defenses after the fact. These courses taught me how to do that!”

Head of Product at International Logistics Corporation

CYBERSECURITY OPERATIONS CENTER (CSOC)

Boost Your Skills with Our DevSecOps Bootcamp

Ready to dive into DevSecOps? Join our 4-week bootcamp and get hands-on with the tools, techniques, and best practices that matter most. Here's why you should consider it:
Focused Learning: We cover essential DevSecOps topics in detail.
Top Instructors: Learn from experts every Friday.
Hands-On Practice: Tackle real tasks and challenges to get ready for the real world.
Meet Peers: Connect with others in the field and share knowledge.
Prep for Certification: If you're eyeing our DevSecOps Certification, this bootcamp is the perfect warm-up.
Join us starting January 10, 2024, and gear up for a deep dive into DevSecOps. Whether you're aiming for certification or just looking to boost your skills, our bootcamp has you covered.
Join the next Bootcamp
DevSecOps Bootcamp

+ Certification Bundle

$2999

Immerse yourself fully in our intensive 4-week bootcamp, conducted by industry experts. This end-to-end offering ensures you grasp every nuance of DevSecOps and rounds off with the certification process. Ideal for those seeking an in-depth learning experience before taking on the challenge of certification.

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Started Now
X
X
Copyright AppSecEngineer © 2025
End-of-Year Special: Blow that Budget Sale! More seats, bigger savings.