Curso DevSecOps Advanced

  • DevOps | CI | CD | Kubernetes | Web3

Curso DevSecOps Advanced

24 horas
Visão Geral

O Curso DevSecOps Advanced cobre a segurança de infraestruturas de aplicativos em contêineres, incluindo práticas recomendadas para proteger a rede e os aplicativos.

Publico Alvo
  • Pessoas familiarizadas com aplicativos em contêineres e tecnologias de orquestração de contêineres, que desejam melhorar a segurança de seu ambiente
  • Engenheiros de DevOps
  • Administradores de sistemas Linux
  • Engenheiros de projeto de sistemas
  • Arquitetos
Pre-Requisitos
  • Domínio dos conceitos básicos de contêineres 
  • Forte domínio da terminologia do Kubernetes e dos fundamentos da operação de cluster do Kubernetes 
Materiais
Inglês/Português/Lab Prático
Conteúdo Programatico

Introduction to Cloud Security

  1. The 4C’s of Cloud Native Security
  2. STRIDE Threat Model
  3. Node Security
  4. Container Security

Cert Manager

  1. What Cert Manager is
  2. Cert-manager overview
  3. Cert-manager concepts
  4. Installing cert-manger
  5. Cert-manager walkthrough
  6. Hands-on Lab: Cert Manager

RBAC Revisited. External Auth Sources

  1. RBAC Revisited
  2. Role and ClusterRole
  3. RoleBinding and CluterRoleBinding
  4. OpenID Connect
  5. OIDC Implicit flow
  6. OIDC Authentication flow
  7. JWT Tokens
  8. Keycloak – K8s integration
  9. Hands-on Lab: RBAC Revisited

K8s-Network Policy

  1. Why use network policies
  2. What is MetalLB and how it works
  3. Configuring Layer2 and Layer3 MetalLB
  4. Additional MetalLB configuration samples
  5. Hands-on Lab: Network Policies

K8s-Securing container images

  1. Tools for securing your container images
  2. OCI Annotations
  3. Managing the security of K8s container workloads
  4. Vulnerability Scanning Tools (Aqua MicroScanner, Anchore)
  5. Security Context
  6. Image Security Best Practices
  7. Hands-on Lab: Image Security

Istio – Introduction

  1. What is a service mash
  2. What is Istio
  3. Istio architecture and components
  4. Setting up Istio
  5. Hands-on Lab: Istio – Introduction

Istio – Advanced Routing

  1. Why route traffic?
  2. raffic shifting
  3. equest routing
  4. External Resources
  5. Hands-on Lab: Istio – Traffic routing

Istio – Fault Injection

  1. Controlling Ingress traffic
  2. Fault injection
  3. Circuit breaking
  4. Traffic mirroring
  5. Hands-on Lab: Istio – Fault injection

Istio – mTLS

  1. Securing pod communication with Istio
  2. mTLS
  3. Authorization policies
  4. Policy target
  5. Authenticated and unauthenticated identity
  6. Hands-on Lab: Istio – mTLS and Authorization

Istio – Observability

  1. Viewing the mesh with Kiali
  2. Kiali features
  3. Generating a service graph
  4. Tracing Calls with Jaeger
  5. Observability (Metrics, Distributed Tracers, Access Logs)
  6. Hands-on Lab: Istio – Observability

Pod Security Policies

  1. Enabling Pod Security Policies
  2. Policy Reference
  3. Hands-on Lab: Pod Security Policies

Open Policy Agent

  1. How OPA works
  2. OPA and Kubernetes
  3. Integrating OPA with K8s
  4. Hands-on Lab: OPA Gatekeeper

Secret Management. Hashicorp Vault

  1. Secrets – the theory behind
  2. Protecting Secrets
  3. Risks
  4. Hashicorp Vault
  5. Running Vault on K8s
  6. Integrating Vault with K8s
  7. Hands-on Lab: Secret Management
TENHO INTERESSE

Ficha do Curso

  • Investimento
    R$ consulte-nos
  • Formato de Entrega
    Presencial & Online Ao Vivo
  • Nível
    Foundation

Calendário

ÍNICIO
TÉRMINO
PERÍODO

Receba todas informações

Cursos Relacionados

Curso Ansible Red Hat Basics Automation Technical Foundation

16 horas

Ver Curso

Curso Terraform Deploying to Oracle Cloud Infrastructure

24 Horas

Ver Curso

Curso Ansible Linux Automation with Ansible

24 horas

Ver Curso

Ansible Overview of Ansible architecture

16h

Ver Curso

Advanced Automation: Ansible Best Practices

32h

Ver Curso

Curso Red Hat DevOps Pipelines and Processes: CI/CD with Jenkins

24h

Ver Curso

Curso Cloud Security and DevSecOps Automation

32 horas

Ver Curso