In this module, we will cover the creation of a Kubernetes cluster and delve into some common errors you might encounter. You'll learn how to set up your cluster and troubleshoot issues to maintain a stable and functional environment.

In this module, we will explore the use of Network Policies to restrict access at the cluster level. You'll learn about default deny policies, how to set up egress and ingress rules, and how to create policies for different namespaces.

In this module, we will focus on minimizing the use and access to GUI elements in Kubernetes. You'll learn how to install the Kubernetes Dashboard, understand the risks of insecure access, and implement RBAC to enhance security.

In this module, we will guide you through the creation and securing of Ingress objects in Kubernetes. You'll learn how to set up Ingress and apply security controls to protect your cluster.

In this module, we will discuss how to access and protect node metadata in a Kubernetes cluster. You'll learn about the security implications and how to use Network Policy to safeguard node endpoints.

In this module, we will explore the CIS benchmark for Kubernetes security and how to use kube-bench to review and improve your cluster's security configuration.

In this module, we will cover the importance of verifying platform binaries before deployment. You'll learn how to delete custom networks and verify the apiserver binary to ensure your cluster's security.

In this module, we will focus on RBAC for cluster hardening. You'll learn about roles, rolebindings, and how to manage accounts and Certificate Signing Requests to enhance security.

In this module, we will discuss the cautious use of Service Accounts in Kubernetes. You'll learn about custom Service Accounts, disabling their mounting, and limiting their permissions with RBAC.

In this module, we will explore methods to restrict API access for cluster hardening. You'll learn about enabling/disabling anonymous access, performing secure API requests, and using Node Restriction Admission Controller.

In this module, we will cover the upgrade process for Kubernetes clusters. You'll learn how to verify Node Restriction, create clusters with older versions, and upgrade to ensure your cluster remains secure and up-to-date.

In this module, we will focus on managing Kubernetes secrets and understanding their vulnerabilities. You'll learn how to create secrets, hack them to understand their weaknesses and implement ETCD encryption for protection.

In this module, we will explore the use of container runtime sandboxes in a multi-tenant environment. You'll learn about calling the Linux kernel, the OCI, and how to use Crictl and create Runtime Classes.

In this module, we will delve into OS-level security domains for microservices. You'll learn how to set container users and groups, enforce non-root policies, manage privileged containers, and create Pod Security Policy.

In this module, we will cover mTLS and its implementation. You'll learn the basics of mTLS and how to create a sidecar proxy to secure communications.

In this module, we will explore the Open Policy Agent (OPA) and its use in Kubernetes security. You'll learn about installing an OPA gatekeeper, enforcing policies, and implementing Deny All policies and namespace label enforcement.

In this module, we will focus on supply chain security by reducing image footprint. You'll learn how to use multi-stage builds and secure and harden container images.

In this module, we will explore static analysis for supply chain security. You'll learn about using Kubesec, performing static analysis with Docker images, and utilizing OPA Conftest.

In this module, we will cover image vulnerability scanning using Trivy. You'll learn how to scan container images to identify and mitigate vulnerabilities.

In this module, we will focus on securing the supply chain in Kubernetes. You'll learn about image digests and how to whitelist registries using OPA to enhance security.

In this module, we will explore behavioral analytics at the host and container levels. You'll learn how to use Strace, access /proc, and environment variables, and implement Falco for threat detection and monitoring.

In this module, we will discuss the immutability of containers at runtime. You'll learn about the concept of immutability, how to implement Startup Probe, and use Security Context to render containers immutable.

In this module, we will cover auditing for runtime security in Kubernetes. You'll learn about the importance of auditing, how to implement audit policies, enable audit logging, and check logs for compliance.

In this module, we will focus on system hardening through kernel hardening techniques. You'll learn how to implement AppArmor and Seccomp profiles for various Kubernetes components to enhance overall security.