As every company is moving toward Docker and Kubernetes as a security professional, I always wanted to learn more about Kubernetes, how to attack and defend from common security pitfalls, while going through the internet for a different course, I stumbled upon the course from the offensive labs, which is called Hacking and Securing Kubernetes Cluster, when I gleaned through the curriculum, it was easy to make the decision as the course covered most of the concepts which I wanted to learn and you can apply directly in your day job.
Who should take this course?
- Pentesters / Appsec
- Developers / DevOps
What is in this course?
The course takes the approach of Zero to Hero mindset which is as mentioned below
- Introduction to Kubernetes and fundamentals.
- Then, it introduces you to how to build your own Kubernetes cluster (lab)
- Different attack surface / Threat model of Kubernetes
- AuthN/AuthZ in Kubernetes
- Various vulnerabilities/misconfiguration in Kubernetes cluster
- Enumeration and gaining an initial foothold
- Post-exploitation and lateral movement to pwn an entire cluster.
- Introduction to various automated tools in assisting pen-testers
- Different ways to harden the Kubernetes cluster.
- The course is very well-paced, as it is Zero to Hero they do give you step by step instructions, and a lot of handholding support is provided by the team.
- Video quality and course content are up to the standards.
- All of it is Hands-on, so at the end of the course, you will feel you learned.
- The best part is, they have a dedicated Discord server, in case you run into any issues and they are very active.
- One has to note that, there are no exams or certifications.
For the price, the course is really good and I would definitely recommend this for anyone who would like to build, break, and learn their Kubernetes cluster.