Instructor Led Training

Kubernetes Threat Hunting

The Kubernetes ecosystem is a complex web of APIs, tools, and services, all working together to create amazing things. But this ecosystem is under attack. As with physical security, the first step in zeroing in on threats is to monitor traffic and user activity in your system.  

When we understand what malicious activity looks like, we can deploy highly effective countermeasures that hunt and take down attackers. Train with us to be a Kubernetes Threat Hunter.

Talk to us

Course Overview

8 Hours

32 Lessons

14 Cloud Labs

Ideal for: Security Engineer / Product Security Teams

Kubernetes is a complex ecosystem. Companies, large and small, run their critical infrastructure, as containers atop Kubernetes. Kubernetes Security requires a deep-dive understanding of various APIs provided by Kubernetes and tools.Attackers have been able to compromise Kubernetes clusters. They have leveraged compromised clusters to do data exfiltration, run ransomware campaigns, etc on real-world Kubernetes clusters. A major deficiency in these Kubernetes clusters is the lack of security monitoring and active threat hunting capability.  

The aim of this training is to take the participant through a journey of highly practical and granular knowledge of Kubernetes offense, defense and detection. This class is an intense, deep-dive experience into Security on Kubernetes. We’d like participants to explore practical implementations of full-fledged environments, rather than have a surface-level understanding of attack, detection and defense in Kubernetes. Participants will walk away with long-term access to our online training portal and labs

Complete Course Outline

Know your trainer

Abhay Bhargav

CHief RESEARCH OFFICER, AppSecEngineer

Abhay started his career as a breaker of apps, in pentesting and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOpsHe has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook.Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His training programs have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on. He's authored two international publications on Java Security and PCI Compliance as well.

Big Wins For Your Enterprise

Give your team all the skills needed to build & deploy secure, scalable applications in Kubernetes.

Manage complex Kubernetes policies, certificates, and configurations in your environment.

Log & monitor your Kubernetes deployments, and search for threats using cutting edge tools and techniques.

Master threat hunting techniques through real-world stories & automated playbooks.

What Your Team Will Learn

The most important Kubernetes security concepts

Go hands-on with Kubernetes Threat Hunting stories

Use custom playbooks and advanced tactics to detect K8s threats

Address key security issues with strong preventive controls

Learn best with 1000+ labs modeled after real-world security scenarios

Crafted on Real-world training for product security teams

Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.

Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.

Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.

Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.

Explore Hands on Labs

Prerequisites

Knowledge base

Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial

Device requirements

For the optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.

Minimum number of applicants

Talk to us

Testimonials

I found these courses to be pretty comprehensive and practically oriented. From dissecting common threat vectors to writing abuser stories, it had a lot of useful takeaways by the end.

DevOps Engineer at Streaming Services Provider

WORLD'S LARGEST SPORTS EQUIPMENT MANUFACTURER

Threat modeling has always been a bit elusive for my team, but these courses made it all click. The step-by-step breakdown of threat modeling concepts and integrating them into a DevSecOps pipeline gave us some solid, actionable learnings.

Developer at SaaS Company

DEFENSE INDUSTRY

“Threat modeling is seriously underrated compared to other security activities that have more visible impact. Fact of the matter is, if you can anticipate and build around potential threats to your software, that’s going to make a much bigger difference than if you set up a million defenses after the fact. These courses taught me how to do that!”

Head of Product at International Logistics Corporation

CYBERSECURITY OPERATIONS CENTER (CSOC)