@Kleared4: Container Security Course

$1,600.00

In stock

This intensive 2-day course delivers a deep dive into securing, hardening, and testing containerized workloads. Participants gain hands-on experience with container internals, kernel-level isolation, and orchestration security, while also learning to simulate and mitigate real-world attack scenarios.

Over 16 hours of instruction and labs, you’ll explore both Linux and Windows container escape prevention, Kubernetes auditing, and controlled offensive testing techniques. By the end, you will be able to:

  • Identify and mitigate common misconfigurations.

  • Apply kernel capabilities, namespaces, and mandatory access controls for stronger isolation.

  • Audit Kubernetes deployments for security gaps.

  • Use containers to safely analyze malware and observe network behaviors.

  • Run security-critical workflows in isolated container environments.

Level: Intermediate— Technical practitioners with container experience
Duration: 2 Days (16 Hours)

Designed by operators for operators, this accelerated course is designed to help understand container security.

NICCS Course List

SKU: k4cs Category: Tags: , , , , , ,

Description

We use a hands-on approach during instruction to permit students to learn about container security within Docker and Kubernetes in an accelerated, and practical curriculum. We teach containers from start to finish using our hands-on cyber-range with a focus on cyber-security.

Learning Objectives

Participants of this course will learn:

  1. Docker and Kubernetes containers
  2. Limitations and risks for containers workloads
  3. Testing and validating existing security defenses using containers
  4. Preventing container escapes in Windows systems
  5. Preventing container escapes in Linux systems
  6. Auditing Kubernetes deployments
  7. Use containers to analyze malware and network communications
  8. Use cyber-security tools within containers
Overall Proficiency Level: 2 – Intermediate
Course Catalog Number: K4CS

Course Prerequisites:

  • 1. Familiarity with containers
  • 2. Familiarity with Windows and Linux operating systems
  • 3. Modern operating system with web-browser
  • 4. Stable internet connectivity
  • 5. Microsoft Teams account (free accounts available)
Training Purpose: Functional Development, Skill Development
Delivery Method: Online, Instructor-Led, Remote

Course Length: 2 Days

Languages: English or Spanish options for instruction. Please select correct date and language for course instruction.

 

Benefits: 3-years course material updates. 60 day access to Kleared4 after course completion.

Standard support over business hours EST/EDT 0800-1700 8am-5pm

Government PO accepted.

10% discounts available for groups of 10 participants or more.

16 hours of instruction with continuing education certificate upon complete attendance

Syllabus

Day 1 — Core Fundamentals and Threat Landscape

Time Module Topics
09:00 – 09:30 Introduction & Course Objectives Overview of container security goals, attack and defense scope, and course structure.
09:30 – 10:30 Module 1: Container Fundamentals Container vs. VM isolation; namespaces (PID, NET, MNT, UTS, IPC, USER); cgroups; container lifecycle; orchestration basics.
10:30 – 10:45 Break —
10:45 – 12:00 Module 2: Limitations & Risks Shared kernel risks; breakout scenarios; over-privileged configurations; host file system exposure; kernel-level attack surfaces.
12:00 – 13:00 Lunch —
13:00 – 14:15 Module 3: Security Defense Validation Using containers for attack simulation; safe testing of isolation; validating audit and enforcement configurations; controlled offensive testing in purple team workflows.
14:15 – 14:30 Break —
14:30 – 15:45 Module 4: Windows Container Escape Prevention Process vs. Hyper-V isolation; kernel sharing risks; named pipe abuse; registry hardening; least-privilege execution; monitoring escape attempts.
15:45 – 17:00 Lab Preparation & Q&A Environment setup for Day 2 labs; addressing configuration pitfalls before hands-on sessions.

Day 2 — Hardening, Auditing, and Applied Security

Time Module Topics
09:00 – 10:15 Module 5: Linux Container Escape Prevention Dropping capabilities; seccomp syscall filtering; AppArmor/SELinux confinement; rootless containers; read-only and device restrictions.
10:15 – 10:30 Break —
10:30 – 11:45 Module 6: Kubernetes Deployment Auditing Cluster configuration review; RBAC least privilege; network segmentation; pod security controls; manifest anti-pattern detection.
11:45 – 12:45 Lunch —
12:45 – 14:00 Module 7: Malware & Network Analysis in Containers Isolated execution for malware detonation; restricting outbound channels; monitoring network activity; behavioral logging; safety considerations.
14:00 – 14:15 Break —
14:15 – 15:15 Module 8: Running Security Tools in Containers Encapsulating security utilities; environment consistency; operational containment; privilege implications; workflow integration.
15:15 – 16:45 Hands-On Lab Series Eight labs covering attack simulation, hardening, escape mitigation, auditing, malware analysis, and tool deployment (see detailed lab section).
16:45 – 17:00 Course Wrap-Up & Final Review Summary of key techniques; review of common pitfalls; final Q&A; next steps for continued learning.

Lab Section (Conducted in Day 2 Afternoon)

  1. Container Basics & Isolation Inspection — Understand isolation boundaries.

  2. Privilege Escalation via Misconfiguration — Demonstrate unsafe configuration impacts.

  3. Defense Validation — Simulate attacks to confirm detection.

  4. Windows Escape Scenario — Explore and mitigate host exposure.

  5. Linux Hardening with Capabilities & SELinux — Apply and test kernel-level security features.

  6. Kubernetes Audit Exercise — Identify and remediate insecure configurations.

  7. Malware Analysis Sandbox — Observe network and system behavior of a sample.

  8. Containerized Tool Deployment — Run a security function within an isolated environment.

Additional information

Class Dates

English- Aug 25 – 26 2025, Spanish- Aug 27 – 28 2025

Go to Top