LI560: Kubernetes Security

Training: Linux/Unix - Security

Hybrid training Hybrid training

Start: 2025-11-03 | 10:00 am

End: 2025-11-06 | 04:00 pm

Location: Nürnberg

Price: 3.650,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-01-19 | 10:00 am

End: 2026-01-22 | 04:00 pm

Location: Nürnberg

Price: 3.650,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-03-02 | 10:00 am

End: 2026-03-05 | 04:00 pm

Location: Nürnberg

Price: 3.650,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-04-27 | 10:00 am

End: 2026-04-30 | 04:00 pm

Location: Nürnberg

Price: 3.650,00 € plus VAT.

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Cluster security
    • Kubernetes architecture
    • Threat model & attack vectors
    • ControlPlane hardening & admission controller
    • RBAC & ServiceAccounts
    • Pod security admission
    • CIS benchmark
    • Workload node security

  • Network & container security (cluster & container level)
    • CNI & network overview
    • Container hardening & image security
    • Policy engines
    • ServiceMesh

  • Runtime & monitoring (container & cluster level)
    • Shift-left security
    • Runtime security basics (seccomp, AppArmor, capabilities)
    • Falco: syscall-based monitoring (Syscall Monitoring)
    • Kubernetes Audit Logging
    • Incident response & forensics (hands-on lab)

  • Supply chain & compliance (code level & integration)
    • Container scanning & Software Bill of Materials (SBOM)
    • Image signatures & verification
    • Compliance & automation

Objectives:

  • Build security understanding: Participants understand threat models, attack vectors and the security-relevant architecture of Kubernetes.
  • Apply best practices: They learn how to harden Control Plane, workloads and networks – from RBAC via Pod Security to container and runtime security measures.
  • Ensure compliance: The course teaches methods to implement regulatory requirements (e.g. CIS Benchmarks, Audit Logging, SBOM, signatures) in Kubernetes environments.
  • Practice through hands-on labs: Participants practice real attack scenarios, defense measures and incident response to apply security in practice.
  • Develop holistic view: They gain the ability to consider Kubernetes security along the entire supply chain – from code to operations in the cluster.

Target audience:

  • DevOps/Platform Engineers
  • Administrators
  • Security and Compliance Specialists
  • Developers
  • Penetration Testers
  • Red Teams

Prerequisites:

To be able to follow the course content and learning pace of the workshop LI560 Kubernetes Security effectively, solid Linux and Kubernetes knowledge is mandatory.

We recommend attending the following courses beforehand:

Description:

In this hands-on training, participants learn how Kubernetes clusters and containerized workloads can be comprehensively secured – from architecture through network and runtime security to supply chain aspects and compliance. Beyond theoretical foundation, the focus lies on practical hands-on labs and concrete best practices for secure operation of Kubernetes in enterprises.

The training LI560 Kubernetes Security targets professionals who securely operate, manage or audit Kubernetes –
including DevOps/Platform Engineers, administrators, security and compliance specialists as well as developers. Penetration testers and red teams also benefit by learning to understand and test Kubernetes environments from an attacker perspective.

Thus participants gain the knowledge and tools to build Kubernetes environments resilient, compliant and future-proof – hands-on, verifiable and directly applicable in daily work.

check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

3.650,00 € plus VAT.

(including lunch & drinks)

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.