About Course
To some people, Kubernetes security is a complex subject because of the overwhelming jargon and the complex setup a multi-node cluster requires, especially when you are doing it for the first time. The goal of this course is to make things clearer and easier for those who are new to Kubernetes and the world of Kubernetes security.
What do you learn?
Different Kubernetes components
Fundamentals of role based access controls in Kubernetes
How service accounts work in Kubernetes
The basics of Roles, Role Bindings, Cluster Roles, Cluster Role Bindings
Understand the Kubernetes Attack Surface
How a misconfigured Kubernetes Cluster can be exploited by attackers
How to attack the API Server using the insecure port
How to attack a misconfigured Kubelet API
How etcd storage works
How an exposed Kubernetes Dashboard can be abused
How to perform Static Analysis of YAML files using Kube-audit
How to perform Static Analysis using Kubesec
How to perform Security Assessments using Kube-hunter
How to audit clusters using Kube-bench
How to scan Docker images using trivy
How to implement network policies
How to use Kubernetes Security Context to prevent attacks
Prerequisite
The course begins from basics
It's good to have Linux knowledge
It's good to have Docker knowledge
Who is this course for?
Security professionals who are into Kubernetes
Cloud engineers
DevOps professionals
Penetration Testers
Red Team members
Anyone who is interested in Ethical Hacking and Penetration testing
Anyone who is interested in information security concepts
Course Curriculum
- What is Kubernetes (2:00)
- Fundamentals of Kubernetes (0:25)
- Required Virtual Machines Download (3:13)
- Instructor's Lab Setup (1:48)
- Downloadable files for lab setup
- Setting up a Kubernetes Cluster (11:43)
- Lab setup on Ubuntu 24.04 - Updated August 2024
- Verify The Setup (0:45)
- Common Kubernetes Terms (5:44)
- Understanding various Kubernetes components (5:38)
- Deploying the vulnerable application (13:54)
- An introduction to Kubectl (8:22)
- Introduction (0:52)
- Kubernetes Attack Surface (4:05)
- Role Based Access Controls - Part 1 (4:19)
- Role Based Access Controls - Part 2 (11:16)
- Role Based Access Controls - Part 3 (8:29)
- Misconfiguring our cluster (3:38)
- Getting started with pentesting a Kubernetes cluster - NMAP (2:14)
- Initial foothold through Remote Command Execution (7:10)
- Post Exploitation - Enumeration (3:15)
- Post Exploitation - More Enumeration (6:49)
- Post Exploitation - Interacting with containers in the cluster (5:51)
- Getting access to the underlying host - Compromising the worker node (5:58)
- Getting access to the underlying host - Compromising the master node (4:01)
- Full cluster compromise - Summary of the attack (1:00)
- Misconfiguring and Attacking the API Server (10:31)
- Misconfiguring and Attacking the Kubelet API (9:31)
- Exploring and abusing etcd storage (12:04)
- Misconfiguring and Attacking exposed Kubernetes Dashboards (13:15)
- Introduction (1:25)
- Limiting Network Exposure (1:45)
- Use of Authorization (4:20)
- Introduction to Secrets (2:01)
- Introduction to Admission Controllers (2:54)
- Implementing Network Policies to limit the attack surface (10:58)
- Using Security Context to harden the containers (14:18)
- Hardening using AppArmor profiles (6:30)
- Hardening using Seccomp profiles (4:06)