Certified Container Security Expert (CCSE)

Kód kurzu: CCSE

Learn how organizations protect against attacks and plan to assess/reduce software supply chain risks. Topics cover attacking code, container, Kubernetes, and cloud supply chains.

Container Security Expert is the training program for professionals tasked with securing the container environment. The course allows you to get hands-on experience as you work with live containers in our lab, gaining significant insights that will arm you to secure a containerized platform in any environment.

Course Inclusions:

Course Manual

Course Videos and Checklists

30+ Guided Exercises

30 days Online Lab Access

Access to a dedicated Mattermost channel

One exam attempt for Certified Container Security Expert Certification

Termíny kurzov

Počiatočný dátum: Na vyžiadanie

Forma: E-learning

Dĺžka kurzu: 30 dní

Jazyk: en

Cena bez DPH: 470 EUR

Registrovať

	Počiatočný dátum	Miesto konania	Forma	Dĺžka kurzu	Jazyk	Cena bez DPH
	Na vyžiadanie		E-learning	30 dní	en	470 EUR	Registrovať
G	Garantovaný kurz

Počiatočný
dátum

Miesto
konania

Forma

Dĺžka
kurzu

Jazyk

Cena bez DPH

Na vyžiadanie

E-learning

30 dní

470 EUR

Registrovať

Garantovaný kurz

Popis kurzu

Upon completion of the course, you will be able to:-

Building solid foundations that are required to understand the container security landscape

Embedding security while creating, building container images, and securing running containers

Gaining knowledge in limiting the blast radius in case of a container compromise

Gaining expert skills in analyzing container weaknesses, attacking containers, and defending containers through various tools and tactics

Learning to monitor containers for detecting anomalies and responding to threats

Gaining abilities to apply practical container security skills in real-world container deployments

Štruktúra kurzu

Chapter 1: Introduction to Containers

What is a container?
Basics of a container and its challenges
Container vs. Virtualization
- - Container Advantages
  - Container Disadvantages
Container fundamentals
- - Namespaces
  - Cgroup
  - Capabilities
Docker architecture and its components
- - Docker CLI
  - Docker Engine (Daemon, API)
  - Docker Runtime (containerd, shim, runc)
Interacting with container ecosystem
- - Docker images and image layers
  - Build Container images using Dockerfile
  - Docker image repository
  - Running a container
Managing / Orchestrating multiple containers
- - Using CLI/API to manage multiple containers
  - Docker Compose
  - Docker Swarm
  - Kubernetes
Docker alternatives
- - Podman
  - CRI-O
Hands-on Exercises:
- Working With Docker Command
- Docker Networking
- Manage Data in Docker
- Create Docker Image using Dockerfile
- Writing Dockerfile
- How To Use Container Registry
- Learn Docker Compose
- Working With Docker SDK
- Creating Container Snapshots

Chapter 2: Container Reconnaissance

Overview of Container Security
Attack surface of the container ecosystem
Identifying the components and their security state
- - Get an inventory of containers
    - Docker Images
    - Dockerfile and Environment variables
    - Docker volumes
    - Docker Networking
    - Ports used/Port forwarding
    - Docker Registries
  - Exhaustive review of Namespaces, cgroups and capabilities
Analysis of the attack surface
- - Using native tools
  - Using third-party tools
Hands-on Exercises:
- Using Built-in Docker Tools for Reconnaissance
- Use Third-party Tools for Image Inspection
- Scanning the Remote Host for Unauthenticated Docker API Access
- Identify a Container and Extract Sensitive Information
- Create and Restore a Snapshot of the Container for Further Analysis

Chapter 3: Attacking Containers and Containerized Apps

Note: Every topic/sub topic has an exercise in this module

Containers Attack Matrix
Image-based attacks
- - Malicious Images
  - Extracting passwords, tokens, TLS certs, etc.
  - Exploiting vulnerable components
Registry-based attacks
- - Insecure Docker registries
  - Open Docker registries
  - Lack of authorization (RBAC)
Container-based attacks
- - Manipulating the Privileged mode containers
  - Attacking mounted docker volumes
  - Abusing SetUID/SetGID binaries
  - Exploiting shared namespaces
  - Attacking Linux capabilities
Docker host (Daemon) / kernel attacks
- - Exploiting unauthenticated Docker API
  - Insecure Docker endpoint
  - Lack of network segregation
  - Denial of service attacks
  - Kernel exploits
Privilege escalation methods in Docker
- Security misconfigurations
  - Attacking management tools (Portainer)
  - Exploiting OWASP Top 10 issues in containerized apps
Hands-on Exercises:
- Backdooring Docker Image
- Inspecting Docker Daemon Activity
- Malicious Container Image
- Exploiting Containerized Apps
- Unsecured Docker Daemon
- Docker Exploitation using deepce
- Attacking Misconfigured Docker Registry

Chapter 4: Defending Containers and Containerized Apps on Scale

Container image security
- - Building secure container images
    - Choosing base images
    - Distroless images
    - Scratch images
  - Security Linting of Dockerfiles
  - Static Analysis(SCA) of container images
  - Scan for vulnerabilities in container
    - Choosing the right container scanner tool for your needs
Docker Daemon security configurations
- - Docker user remapping
  - Docker runtime security (gVisor, Kata)
  - Docker socket configuration
    - fd
    - TCP socket
    - TLS authentication
  - Dynamic Analysis of the container hosts and daemons
Docker host security configurations
- - Kernel Hardening using Seccomp and AppArmor
  - Custom policy creation using Seccomp and AppArmor
Network Security in containers
- - Segregating networks
Misc Docker Security Configurations
- - Content Trust and Integrity checks
Docker Registry security configurations
- - Private vs. Public Registries
  - Authentication and Authorization (RBAC)
  - Built-in Image scanning capabilities
  - Policy enforcement
  - DevOps CI/CD Integration
Docker Tools, Techniques and Tactics
- - Tools
    - Dive (Forensic)
    - Dockle
  - Techniques
  - Tactics
Hands-on Exercises:
- Static Analysis using Hadolint
- Scanning Docker for Vulnerabilities With Trivy
- Embedding Trivy Scanning in GitLab CI
- Build a Secure, Miniature Image With Distroless To Minimize Attack Footprint
- Minimize Docker Security Misconfigurations With CIS Compliance
- Securing Container Images by Default Using Harbor
- Signing Container Images for Trust

Chapter 5: Security Monitoring of Containers

Monitoring Docker events, logs
Incident response in containers
Docker runtime prevention
Policy creation, enforcement, and management
Docker security monitoring using Wazuh
Hands-on Exercises:
- Auditing Docker using AuditD
- Sysdig Falco – Runtime Protection and Monitoring
- Tracee – Runtime Security

Certified Container Security Expert (CCSE)

Termíny kurzov

Nenašli ste vhodný termín?