1. Intro to Certified Kubernetes Security (CKS)
2. Kubernetes Cluster and Node Hardening
3. Secure Microservices with Service Mesh and Policy
4. Discuss Software Supply Chain Security
5. Kubernetes Monitoring and Runtime Security
6. Learn Network Policy Security Concepts in Kubernetes
7. Block Network Traffic by Source CIDR Block
8. Apply Pod Selectors to Kubernetes Network Policy
9. Select Network Traffic by Source Namespace
10. Apply Egress Rules to Kubernetes Network Policy
11. Deploy Example Kubernetes Network Policy Scenario
12. Practice Kubernetes Network Policy
13. Intro to Securing Kubernetes GUIs
14. Secure Kubernetes GUIs with Cloud Native Firewalls
15. Encrypt Network Packets with Ingress and TLS
16. Understand Kubernetes Network Policies for Securing GUIs
17. Enable AuthN and AuthZ for Kubernetes GUI Security
18. Disable Web UIs for Improved Cluster Security
19. Intro to CIS Benchmarks for Kubernetes
20. Discuss the CIS Kubernetes Benchmark Document
21. Understand Etcd and Control Plane Authentication Recommendations
22. Review Kubernetes Worker Node CIS Benchmarks
23. Learn Kubernetes Policy CIS Benchmarks
24. Intro to Kubernetes Sealed Secrets
25. Deploy Bitnami Sealed Secrets to Kubernetes Cluster
26. Encrypt Secrets with Kubeseal CLI Tool
27. Deploy and Unwrap Sealed Secret Resources on Kubernetes
28. Intro to Chaos Mesh for Kubernetes
29. Install Chaos Mesh on Kubernetes Clusters
30. Explore the Chaos Mesh Dashboard UI
31. Inject HTTP Chaos Mesh Experiment into Pods
32. Intro to Signing Container Images
33. Understanding Sigstore Cosign CLI
34. Install Cosign CLI and Generate Key Pair
35. Build and Digitally Sign Container Image with Cosign
36. Intro to Open Service Mesh for Kubernetes
37. Understand Open Service Mesh Installation Process
38 Install Open Service Mesh on Kubernetes with OSM CLI
39. Onboard Kubernetes Namespaces to Open Service Mesh
40. Verify Service Connectivity from OSM Client Pod
41. Limit Network Connectivity with OSM IngressBackend Resource
42. Intro to Hashicorp Vault on Kubernetes
43. Understanding Hashicorp Vault Architecture on Kubernetes
44. Install Hashicorp Vault on Kubernetes with Helm
45. Initialize and Unseal Hashicorp Vault and Create Secret
46. Create Vault Permissions Policy and Role
47. Inject Hashicorp Vault Secrets into Kubernetes Pod
48. Intro to Pod Security Policies
49. Learn Pod Security Policy Architecture
50. Test Default Behavior of Kubernetes PSPs
51. Create Kubernetes Service Account and Pod Security Policy
52. Create Role and Validate PSP Behavior
53. Intro to Kubernetes Admission Controllers
54. Learn About Dynamic Admission Controllers
55. Examine Built-in Kubernetes Admission Controllers
56. Customize Kubernetes (k3s) API Server Admission Plugins
57. Intro to Auditing in Kubernetes
58. Understanding Kubernetes Audit Policy Configuration
59. Install K3S and Enable Audit Logging
60. Enable Kubernetes Audit Backend
61. Intro to Kubernetes Event Resources
62. Explore Kubernetes Event Schema
63. Understand Node Level Events in Kubernetes
64. Explore Pod Events in Kubernetes
65. Filter Kubernetes Events with Kubectl CLI
66. Intro to Processing Kubernetes Audit Logs
67. Provision Kubernetes Audit Database with MySQL
68. Connect to MySQL Database from PowerShell and VSCode
69. Parse Kubernetes JSON Audit Logs and Insert MySQL Records
70. Intro to Container Image Verification in Kubernetes
71. Customize Connaisseur Helm Variables
72. Install Connaisseur Helm Chart
73. Build and Test Signed Container Image
74. Intro to Container Image Vulnerability Scanning Tools
75. Explore Trivy Scanner Functionality
76. Deep Dive Into Trivy Vulnerability Data Sources
77. Run Trivy Vulnerability Scan on Linux VM
78. Intro to Falco Open Source Event Detection
79. Learn About Falco Sidekick Utility
80. Engage with the Falco Development Community
81. Install Falco on Linux Virtual Machine
82. Review Falco Configuration Files and Launch Falco
83. Intro to Teleport Proxy Security for Kubernetes
84. Understanding Teleport Architecture on Kubernetes
85. Install Teleport Proxy on Kubernetes Cluster
86. Configure Teleport DNS Endpoint and User
87. Login to Kubernetes Cluster via Teleport CLI
88. Intro to Kyverno Policy Management for Kubernetes
89. Install Kyverno on Kubernetes Cluster with Helm
90. Examine Kyverno Policy Library and Network Policy
91. Apply Kyverno Policy to Enforce Kubernetes Quotas
92. Intro to Kubernetes Monitoring with Sumo Logic
93. Install Sumo Logic Helm Chart on Kubernetes Cluster
94. Explore Sumo Logic Open Source Components
95. Explore Built-in Kubernetes Dashboards in Sumo Logic
96. Understanding Kubernetes E-mail Alerts in Sumo Logic
97. Intro to Kubernetes Dynamic Admission Controllers
98. Learn Basic Structure of Validating Webhook Configuration
99. Understanding Kubernetes Webhook Configuration Rules
100. Setting the Client Config for Kubernetes Webhook Configs
101. Understanding Extra Webhook Config Options
102. Inspect Validating Webhook Config Requests
103. Intro to Container Image Scanning with GitHub Actions
104. Create Simple GitHub Actions Project
105. Install and Run Trivy in GitHub Actions
106. Abort GitHub Actions Workflow on Detected Vulnerabilities
107. Improve Trivy Performance in GitHub Actions
108. Schedule Chaos Mesh Experiments with Cron Expressions
109. Develop Complex Chaos Mesh Workflows
110. Inject Stress Chaos into Kubernetes Pods
111. Perform Kubernetes Network Attacks with Chaos Mesh
112. Intro to Pod Security Standards
113. Implement Warning for Baseline Pod Security Standard on Namespace
114. Enforce Baseline Pod Security Standard Versions
115. Apply Pod Security Standard to Entire Kubernetes Cluster
116. Intro to Kubernetes API Priority and Fairness
117. Understanding API Priority & Fairness Resources
118. Examine Kubernetes FlowSchema Resource Type
119. Validate FlowSchema Applied During k8s API Requests
120. Explore Kubernetes Priority Level Configuration Queues
121. Intro to Kubernetes Infrastructure Testing with Pester
122. Discuss Specific Use Cases for Automated Kubernetes Testing
123. Setting Up PowerShell and Pester Dev Environment
124. Write Pester Test for Kubernetes Pods in Default Namespace
125. Write Pester Test for Kubernetes Deployment Replica Count
126. Add Pester Template Strings to Test Cases
127. Write Pester Test for Kubernetes Cluster Role Bindings
128. Whats Driving the Need for Policy
129. Intro to Open Policy Agent (OPA) Concepts
130. Understand OPA Gatekeeper Architecture with Kubernetes
131. Install OPA Gatekeeper on Kubernetes Cluster
132. Deploy OPA Constraints to Kubernetes Cluster
133. Remediate Audit Violations from OPA Gatekeeper
134. Intro to Kubernetes Resource Validation with Datree
135. Run Datree CLI Against Local Kubernetes Manifest
136. Skip Datree Policy Rules with Resource Annotations
137. Evaluate Datree Policy Rules on Live Kubernetes Resources
138. Configure Datree Policies Centrally or Locally
139. Intro to Rego for Open Policy Agent (OPA)
140. Create Rego Policy and Parse with OPA CLI
141. Write Rego Policy Tests and Execute with OPA CLI
142. Pass Inputs to Rego Policies and Use String Functions
143. Evaluate Rego Policy Return Values
144. Implement Time Window Policy in Rego