Home > Trainings > Certified Cloud Native Security Expert_CCNSE
Certified Cloud Native Security Expert_ CCNSE
The Certified Cloud-Native Security Expert (CCNSE) is a vendor-neutral cloud-native certification program in security. This Cloud-Native course covers topics in security such as Introduction to Cloud-Native Concepts and its Security, Containers, and Container Security, Introduction to Kubernetes, Hacking Kubernetes Cluster, Kubernetes Authentication and Authorization, Kubernetes Admission Controllers, Defending Kubernetes Cluster, Kubernetes Network Security, Kubernetes Data Security.
Training Schedule
Features
Course Objective
- Cloud-Native technologies like Microservices, containers, and Kubernetes have emerged as the go-to way to create, deploy and manage microservices for both on-prem and cloud environments. Cloud-Native technologies bring a wealth of benefits; however, The task of securing your cloud-native environment is daunting.
- The Certified Cloud-Native Security Expert (CCNSE) is a vendor-neutral course and certification program that is designed to assess the level of security knowledge a candidate has on Cloud Native Technologies like Microservices, APIs, and Kubernetes.
- The course is designed to give students a practical view of Kubernetes security, covering not only the theory but immediately applicable tools and techniques. The course is project- oriented, with 60+ hands-on labs that will put your newly gained knowledge into action and guide you along the way.
Course Agenda
Module 1: Introduction to Cloud-Native Concepts and its Security
- Course Introduction (About the course, syllabus, and how to approach it)
- About Certification and how to approach it
- Lab Environment
- Lifetime course support (Mattermost)
- Overview of the Cloud Native Technologies
- The 4C’s of Cloud-Native Security
- Security and Threat Model of Cloud-Native technologies
Module 2: Introduction to Microservices Architecture
- The need for microservices
- Monolith vs Microservices
- Technical and Business pros and cons of Microservices
- Tools of the trade
- REST APIs
Module 3: Containers and Container Security
- What is a container?
- Container vs Virtualization
- Docker Architecture and its components
- Basics of container technology and its challenges
- Container fundamentals
- Ways to interact with container ecosystem
- Container security issues
- Container Defenses
Module 4: Introduction to Kubernetes
- Introduction to Kubernetes
- Kubernetes Use Cases
- Kubernetes Architecture (Core Components)
- Bootstrapping the Kubernetes cluster
- Kubernetes Package Manager
Module 5: Hacking Kubernetes Cluster
- Kubernetes Attack Surface and Threat Matrix
- Common Kubernetes security issues
- Differences in k8s installations (support for PSP vs no PSP)
Module 6: Kubernetes Authentication and Authorization
- Fundamentals of Kubernetes Authentication and Authorization
- Authentication mechanisms in Kubernetes
- Authorization mechanisms in Kubernetes
Module 7: Kubernetes Admission Controllers
- Fundamentals of Admission Controllers
- Static Admission Controllers
- Dynamic Admission Controllers
- Pod Security Context
- Pod Security Policies
- Pod Security Admission
- Different Options to Write Custom Policies for K8s
Module 8: Kubernetes Data Security
- Kubernetes Data Storage mechanisms
- Managing secrets in traditional infrastructure
- Managing secrets in containers at Scale
- Sanning for Secrets Exposure
Module 9: Kubernetes Network Security
- Introduction to Kubernetes Networking
- Network Policies in Kubernetes
- Fallacies of Distributed Computing
- Service Mesh Architecture
Module 10: Defending Kubernetes Cluster
- Compliance and Governance
- Threat Modeling for Kubernetes
- Static Analysis of Kubernetes clusters
- Building Secure Container Images
- Dynamic and Runtime Security Analysis
- Security Monitoring
Exam & Certification
- After completing the course, you can schedule the CCNSE exam on your preferred date.
- Process of achieving Practical DevSecOps CCNSE Certification can be found here.
FAQs
Are there any pre-requisites for this course?
- Course participants should have knowledge of running basic Linux commands like ls, cd, mkdir, etc.,
- Basic knowledge in container technology and k8s helps but is needed.
- Understanding of OWASP Top 10 vulnerabilities
How do I take the exam?
TaUB Solutions will request the examinations together with your registration. The exam should be taken at the end of the course. Results are available within 5 working days.