Container Security Fundamentals Course

20 hours
Overview

The Container Security Fundamentals course is designed to give participants an in-depth understanding of the best practices and tools available for protecting container environments such as Docker and Kubernetes. Covering everything from building secure images to mitigating threats, the course prepares professionals to identify vulnerabilities and ensure that containers are deployed robustly and securely in production environments. The focus is on security throughout the entire container lifecycle.

Objective

After completing this Container Security Fundamentals course, you will be able to:

  • Understand the security risks related to containers.
  • Implement security best practices when building images and configuring containers.
  • Perform security audits of containers and images.
  • Use dedicated security tools to protect container environments.
  • Monitor and mitigate vulnerabilities and attacks in container systems.

Target Audience

  • Systems and infrastructure administrators.
  • DevOps engineers.
  • IT architects.
  • Information security professionals.
  • Software developers.

Prerequisites

  • Basic knowledge of containers (Docker, Kubernetes).
  • Familiarity with networking and operating systems (Linux/Windows).

Materials

English/Portuguese/Hands-on Lab

Course Content

Introduction to Container Security

  1. Overview of container technology and its security implications.
  2. Common security challenges in containerized environments.
  3. The shared responsibility model in container security.

Building Secure Container Images

  1. Best practices for creating secure images.
  2. Understanding the importance of minimal base images.
  3. Implementing security scanning tools for images (e.g., Clair, Anchore).

Securing the Container Host

  1. Hardening the container host system (Linux security modules, AppArmor, SELinux).
  2. Configuring the Docker daemon securely.
  3. Using namespaces, control groups (cgroups), and capabilities for isolation.

Container Runtime Security

  1. Securing the container runtime (Docker, CRI-O, containerd).
  2. Understanding runtime threats and attack surfaces.
  3. Applying runtime security policies and controls.

Image Vulnerability Scanning

  1. Scanning images for known vulnerabilities (CVE databases).
  2. Implementing vulnerability management practices in CI/CD pipelines.
  3. Automating image scanning and remediation processes.

Container Networking Security

  1. Securing container networks: bridge, host, and overlay networks.
  2. Implementing secure service discovery and segmentation.
  3. Configuring firewalls and access control for containerized services.

Secrets Management in Containers

  1. Managing sensitive data (passwords, tokens, certificates) in containers.
  2. Using Docker Secrets and Kubernetes Secrets.
  3. Best practices for storing and handling secrets securely.

Orchestrator Security: Kubernetes

  1. Securing Kubernetes clusters: pod security policies, RBAC, and network policies.
  2. Securing API access and implementing audit logging.
  3. Hardening etcd and securing communication between Kubernetes components.

Monitoring and Logging for Security

  1. Implementing logging and monitoring solutions for containers (e.g., Falco, Prometheus).
  2. Detecting anomalies and security incidents in container environments.
  3. Best practices for continuous security monitoring in production.

Incident Response and Forensics in Containers

  1. Container-specific incident response strategies.
  2. Investigating security breaches in container environments.
  3. Using container forensics tools to gather evidence and analyze attacks.

Compliance and Governance

  1. Understanding compliance requirements in containerized environments (PCI-DSS, HIPAA).
  2. Implementing security benchmarks (CIS Docker/Kubernetes).
  3. Auditing and reporting for container security compliance.