ATTACKING AND DEFENDING CONTAINERS, KUBERNETES AND SERVERLESS

Overview

With Organizations rapidly moving towards micro-service style architecture for their applications, container and serverless technology seem to be taking over at a rapid rate. Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications. Serverless and Orchestration technologies like Kubernetes help scale such deployments to a massive scale which can potentially increase the overall attack-surface to a massive extent, if security is not given the attention required.

Security continues to remain a key challenge that both Organizations and Security practitioners face with containerized and, serverless deployments. While container orchestrated deployments may be vulnerable to security threats that plague any typical application deployments, they face specific security threats related to the containerization daemon, shared kernel, shared resources, secret management, insecure configurations, role management issues and many more!

Serverless deployments, on the other hand face risks such as insecure serverless deployment configurations, Inadequate function monitoring and logging, Broken authentication, Function event data injection & Insecure application secrets storage. Attacking an infrastructure or Applications leveraging containers and serverless technology requires specific skill-set and a deep understanding of the underlying architecture.

After this training, attendees will know:

• Attacking and Securing Applications leveraging containers and, serverless technology requires specific skill set with a deep understanding of their underlying architecture that attendees will be able to understand.

• This course is aimed at Developers, DevOps Engineers, Penetration Testers and Security practitioners who plan to use container or serverless technology as part of their product deployments and want to get a good understanding on how to secure their services and deployments.

• Training will be extremely hands-on with exercises that are similar to real-world threat scenarios that the attendees will understand and take part in. This will help them understand all there is to attack and secure containerized and, serverless applications.

• On completion, attendees will also understand ways attack and securely deploy on Container Orchestration technology like Kubernetes and on Serverless.

• Intel i5 and above preferred, 64bit Operating System (32 bit will NOT work), 8GB+ RAM preferred. Netbooks WON’T work.

• Working WiFi adapter with ability to connect to third party wireless networks.

Lab  requirements

• We have created cloud labs for all the exercises and labs of the program to work. You will need a terminal program to SSH into the remote lab environments. These programs should work fine: Mac OSX => ITerm2 or Terminal (no need to install), Windows => Putty or Cygwin, Linux => Terminal (no need to install anything else).

• Since AppSecCali doesn't provide Wi-Fi , we are carrying our WiFi for the labs. Nevertheless, as a backup, we are still carrying VMs for the lab environments that we will be running. Please download and install the latest version of Oracle VM VirtualBox (https://www.virtualbox.org/). We have prepped the images to run in VirtualBox 6.0 (latest).

• In the event the Wi-Fi is unreliable, we will be carrying USB flash drives with the VMs which you can use to run the labs. You will need to have cables/adapters to copy from USB flash drives to your laptop. You will also need the requisite permissions and privileges to copy and install software on your laptop. Please be sure of this before you come in for the class, as we will not be able to help you with this in class.

• If you are running VMs on a Mac, it's typically problem-free. However, if you are running Windows Host OS, you will need to check the following:

• • Enable Virtualization in the BIOS => https://bit.ly/2oygJ1H 

  • Disable Hyper-V => https://bit.ly/2ABwrxL

• 50GB free space on HDD for VM(s)

English	3 days
21st, 22nd, 23th September	ONLINE

Cost