Professionally Evil Container Security (PECSEC)
July 11 @ 11:00 am – 4:00 pm EDT
Instructor: Cory Sabol
Course Length: 2 Days, 8 Hours
Includes: Six months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.
Course Description
This course is designed to cover the core fundamentals of container and container orchestration security. We’ll explore container security concerns, configuration issues, and how to abuse them as an attacker. Then we’ll switch gears and explore the ways that we can prevent the attacks we just carried out. This will all be done in a hands-on lab driven manner. This class is focused primarily on Docker and Kubernetes but many of the core concepts can be applied to other container technologies.
Key Takeaways
- Provide an overview of core containerization fundamentals
- Cover the main security risks presented by containerization
- Explore ways to discover and exploit common Docker and Kubernetes security flaws
- Explore the ways in which Kubernetes workloads can be hardened and defended successfully
Who Should Take This Course
Anyone with an interest in container security as it applies to Docker and Kubernetes.
Student Requirements
Students will need a computer capable of running the SamuraiWTF lab VM. Students will be provided with a download to an OVF file of the self-contained lab VM prior to the class starting.
What Each Student Will Be Provided
Each student will receive a PDF of the course material and virtual machine image
Course Instructor
Cory Sabol is a senior consultant with a background in web development, game development, and machine learning. He has done substantial research on the topic of container security, focused primarily on Docker and Kubernetes. In addition to using these skills to identify and exploit misconfigurations during penetration testing engagements, Cory has taught workshops on this topic to other security professionals. Cory also has considerable experience with API security. He has developed custom API security testing frameworks and tooling. He has also led the development efforts on the Arrrspace containerized microservice training target. Currently he is researching game security and developing game security labs and training materials.
