Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Cloud Native Security Expert
Introduction
Course Introduction (8:08)
Activity: Tell Us About Your Learning Objectives
References Used Throughout the Course
Introduction to Cloud-Native Concepts and Its Security
Overview of the Cloud Native Technologies (7:14)
The 4C’s of Cloud-Native Security (1:21)
Cloud (5:06)
Clusters (3:55)
Containers (1:46)
Code (SCA, SAST, DAST) – DevSecOps (2:49)
Summary (0:42)
[Quiz] Introduction to Cloud-Native Concepts and Its Security
[DevSecOps-labs] Getting Started With The Labs
[DevSecOps-labs] Linux Basics
[Feedback] Share Your Feedback for Module 1
Introduction to Microservices Architecture
The Need for Microservices (2:01)
Monolith vs Microservices (6:30)
Understanding Microservices Architecture (1:56)
Technical and Business pros and cons of Microservices (5:57)
Tools of the Trade (1:55)
CI/CD Tools (1:55)
Artefact Management (2:26)
Cloud Platform (0:45)
Infrastructure As Code (1:45)
Monitoring and Logging Tools (1:30)
Collaboration Tools (0:49)
REST APIs (6:19)
API Security (1:47)
Introduction to OWASP API Top 10 (19:03)
Summary (0:55)
[Quiz] Introduction to Microservices Architecture
[Feedback] Share Your Feedback for Module 2
[DevSecOps-labs] Introduction to Microservices
[DevSecOps-labs] CI/CD Basics
Containers and Container Security
What Is a Container? (3:11)
Container vs Virtualization (4:39)
Container Advantages (1:14)
Docker Architecture and Its Components (2:55)
Basics of Container Technology and Its Challenges (18:10)
Container Fundamentals (0:53)
Namespaces (2:39)
Cgroups (1:07)
Capabilities (0:43)
Ways To Interact With Container Ecosystem (4:30)
Container Security Issues (3:24)
Container Defences (1:50)
Summary (1:02)
[Quiz] Containers and Container Security
[Feedback] Share Your Feedback for Module 3
[DevSecOps-labs] Container Security
Introduction to Kubernetes
Introduction to Kubernetes (4:32)
Kubernetes Use Cases (7:43)
Kubernetes Architecture - Cluster, Nodes, and Pods (4:19)
API Server (1:28)
Controller Manager (1:28)
etcd (1:14)
Kube-Scheduler (1:12)
Kubelet (1:23)
Kube-Proxy (0:49)
Container Runtime (0:52)
Bootstrapping the Kubernetes Cluster (7:27)
Kubernetes Package Manager (5:47)
Understanding Helm Workflow (9:48)
Creating Helm Charts (4:14)
Summary (1:12)
[Quiz] Introduction to Kubernetes
[Feedback] Share Your Feedback for Module 4
[DevSecOps-labs] Introduction to Kubernetes
Hacking Kubernetes Cluster
Kubernetes Attack Surface and Threat Matrix (14:47)
Common Kubernetes Security Issues (1:05)
Insecure Workload Configurations (2:17)
Supply Chain Vulnerabilities (3:08)
Overly Permissive RBAC Configurations (2:41)
Lack of Centralized Policy Enforcement (1:37)
Inadequate Logging and Monitoring (1:41)
Broken Authentication Mechanisms (1:57)
Missing Network Segmentation Controls (1:51)
Secrets Management Failures (1:56)
Misconfigured Cluster Components (1:48)
Outdated and Vulnerable Kubernetes Components (1:26)
Summary of Common Kubernetes Security Issues (0:48)
Differences in k8s Installations (5:14)
Summary (1:31)
[Quiz] Hacking Kubernetes Cluster
[Feedback] Share Your Feedback for Module 5
[DevSecOps-labs] Hacking Kubernetes Cluster
Kubernetes Authentication and Authorization
Fundamentals of Kubernetes Authentication and Authorization (7:16)
Authentication Mechanisms in Kubernetes (1:55)
Authentication With Client Certificates (6:14)
Authentication With Bearer Tokens (10:39)
HTTP Basic Authentication (1:12)
Remote Authentication (4:07)
Authorization Mechanisms in Kubernetes (2:11)
Node Authorization (3:04)
Attribute Based Access Control (ABAC) (4:33)
Role-Based Access Control (RBAC) (11:21)
Summary (1:27)
[Quiz] Kubernetes Authentication and Authorization
[Feedback] Share Your Feedback for Module 6
[DevSecOps-labs] Kubernetes Authentication and Authorization
Kubernetes Admission Controllers
Fundamentals of Admission Controllers (3:49)
Static Admission Controllers (2:43)
DefaultStorageClass (3:47)
AlwaysPullImages (4:36)
Dynamic Admission Controllers (5:48)
Introduction to Custom Admission Controllers (11:20)
Authenticating API Servers (2:29)
Open Policy Agent (OPA) and Rego Policies (7:14)
Using OPA With Kubernetes (5:03)
OPA Gatekeeper (9:13)
OPA Kube-Mgmt vs OPA Gatekeeper (2:43)
Pod Security Context (3:04)
Pod Security Policies (5:11)
Pod Security Admission (5:02)
Policy Modes (3:03)
Applying Policies (6:14)
Different Options To Write Custom Policies for K8s (3:46)
Summary (2:00)
[Quiz] Kubernetes Admission Controllers
[Feedback] Share Your Feedback for Module 7
[DevSecOps-labs] Kubernetes Authentication and Authorization
Kubernetes Data Security
Kubernetes Data Storage Mechanisms (6:54)
Container Mounts and Volumes (8:54)
Distributed Volumes in Kubernetes (4:29)
Persistent Volumes on Cloud (7:44)
Dynamically Provisioning Cloud Storage for Workloads (9:03)
Managing Secrets in Traditional Infrastructure (7:18)
Managing Secrets in Containers at Scale (1:52)
Exploring Secret Storage Options (1:52)
Kubernetes Secrets Object (5:05)
Encrypted Configurations (6:00)
Managing Encryption Keys in External KMS (8:12)
Encrypting Secret Objects in Version Control Systems (8:11)
Mozilla SOPS for Secret OPerationS (14:10)
Introducing Secrets Store CSI Drivers (7:13)
Environment Variables and Volume Mounts (4:40)
Injecting Secrets with Hashicorp Vault (9:48)
Scanning for Secrets Exposure (7:47)
Summary (2:08)
[Quiz] Kubernetes Data Security
[Feedback] Share Your Feedback for Module 8
[DevSecOps-labs] Kubernetes Data Security
Kubernetes Network Security
Introduction to Kubernetes Networking (6:27)
Challenges with Kubernetes Networking (3:26)
Network Policies in Kubernetes (3:22)
Anatomy of a Network Policy (7:15)
Fallacies of Distributed Computing (8:32)
Service Mesh Architecture (8:12)
Exploring Linkerd (3:05)
Zero Trust with Consul Connect (3:43)
Service Identities with Istio (3:14)
Summary (1:21)
[Quiz] Kubernetes Network Security
[Feedback] Share Your Feedback for Module 9
[DevSecOps-labs] Kubernetes Network Security
Defending Kubernetes Cluster
Compliance and Governance (6:17)
Kubernetes Compliance With Kubebench (2:06)
Kubernetes Compliance With Inspec (2:21)
Threat Modeling for Kubernetes (10:09)
Static Analysis of Kubernetes Clusters (9:52)
Building Secure Container Images (5:22)
Dynamic and Runtime Security Analysis (13:37)
Security Monitoring (4:54)
Summary (1:32)
[Quiz] Defending Kubernetes Cluster
[DevSecOps-labs] Defending Kubernetes Cluster
[Feedback] Share Your Feedback for Module 10
Summary
Course Review and Summary (11:08)
Exam and Certification
Exam and Certification Process Lecture (21:33)
Steps to Apply for the Exam
[Activity] Schedule the Exam
Reschedule the Exam
[Feedback] Course Feedback
Course Completion Certificate
Certificate of Completion
Fallacies of Distributed Computing
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock