Deep Dive into Docker Security

Deep Dive into Docker Security - Live & Interactive Training
Demo Reference
Features of DevOpsSchool
  Known, Qualified and Experienced Docker Trainer.

 Assignments with personal assistance

  Real time scenario based projects with standard evaluation

  Hands on Approach - We emphasize on learning by doing.

  80% of the class is consist of Lab by doing.

  Life time access to all learning materials & Lifetime technical support
Deep Dive into Docker Security - Instructor-led, Live & Interactive Training
AGENDA
MODE
DURATION
PRICE
Deep Dive into Docker Security
Classroom / Public batch
3 Days
Deep Dive into Docker Security
Online
3 Days
INR 39999/- | 50% Off | INR 19999/-

Course Introduction

Docker is one of the popular and container based tool used to create, deploy and run applications on cloud and on premises. Docker is a key component for the strategic investment in any company. An organization can take advantage of the agility and portability benefits that Docker containers provide across the application lifecycle, organizations planning to optimize these applications for their digital and hybrid cloud initiatives require a broader containerization strategy.

DevOpsSchool offers Docker Training Program to developers and system administrators with professional and experienced Docker instructor/trainer. We do have Docker consultants for enterprises and candidates. They can choose from Online & Offline Classes for Docker Training.

Benefits of the course
  • Technical benefits: Continuous software delivery
  • Technical benefits: Less complex problems to fix
  • Technical benefits: Faster resolution of problems
  • Business benefits: Faster delivery of features
  • Business benefits: More stable operating environments
  • Business benefits: More time available to add value (rather than fix/maintain)
How DevOpsSchool is effective for Docker training?
  • Technical benefits: Continuous software delivery
  • Technical benefits: Less complex problems to fix
  • Technical benefits: Faster resolution of problems
  • Business benefits: Faster delivery of features
  • Business benefits: More stable operating environments
  • Business benefits: More time available to add value (rather than fix/maintain)
Who should enroll it?

This course is a foundation to anyone who aspires to become a DevOps Engineer, a Service Engineer in the field of Enterprise Infrastructures. The following professionals are the key beneficiaries of this course :

  • DevOps Engineer
  • Build and Release Engineer
  • Read More
Pre-requisites

Training Pre-requisites

  • Basic understanding of linux/unix system concepts
  • Familiarity with Command Line Interface (CLI)
  • Familiarity with a Text Editor
  • Experience with managing systems/applications/infrastructure or with deployments/automation

Agenda: Deep Dive into Docker Security (Classroom)

The Docker platform is a key ingredient in the packaging and delivery of container-based application services. Docker is designed to be secure by default. But like most such things, Docker can be made even more secure. This course will give you all the knowledge you need to enable you to securely manage the operation of a Docker platform. For containers, security must be baked into infrastructure — and that starts with the security resources that are available as part of Docker Community Edition and Docker Enterprise.

Day - 1
Why Containers Present Special Security Challenges
  • Docker Security Challenges
  • Protecting Your Docker Containers
  • CI/CD and Pre-deployment Security
  • Container Privileges
  • Static Analysis
  • Runtime Security
  • Docker Hardening Standard
  • Incident Response
  • Docker Logging
Docker vulnerabilities and threats to battle
  • Docker host and kernel security
  • Docker container breakout
  • Container image authenticity
  • Container resource abuse
  • Docker security vulnerabilities present in the static image
  • Docker credentials and secrets
  • Docker runtime security monitoring
  • Best Practices

Establishing a Baseline for Docker Platform Security
  • Defining the Docker Platform
  • Acting on Docker Platform Security Vulnerabilities
  • Determining What Needs to Be Secured
  • Measuring How Secure a Docker Platform Is
  • Testing a Docker Platform for CIS Docker Benchmark Compliance
  • Demo & Labs
  • Best Practices
Day - 2
Optimizing the Configuration of the Docker Host
  • Employing Minimal Operating Systems
  • Kernel namespaces
  • Control groups
  • Deploying Docker on RancherOS in the Cloud
  • Hardening the Host Operating System
  • Keeping the Docker Engine Current
  • Auditing Important Docker Artifacts
  • Kernel namespaces
  • Creating Audit Rules for the Docker Host
  • Linux kernel capabilities
  • Demo & Labs
  • Best Practices
Configuring the Docker Daemon for Security
  • Module Outline
  • Controlling Access to the Docker Daemon Socket
  • Using TLS to Protect the Docker Daemon
  • Configuring TLS for the Docker Client and Daemon
  • Minimizing the Risk Associated with a Container Breakout
  • Implementing User Namespaces for Containers
  • Demo & Labs
  • Best Practices




Enhancing Access Control to the Docker Platform
  • Docker daemon attack surface
  • Enhancing the Default Access Control Mechanism
  • The Docker Plugin API
  • Introducing the Open Policy Agent Docker Authorization Plugin
  • Defining Authorization Policy with Rego
  • Implementing Fine-grained Access Control to the Docker Platform
  • Demo & Labs
  • Best Practices
Day - 3
Deploying a Secure Docker Registry
  • Enabling the Use of Insecure Registries
  • Securing Communication with a Self-hosted Docker Registry
  • Configuring TLS for the Docker Daemon and Registry
  • Controlling Access with Basic Authentication
  • Controlling Access with Token-based Authentication
  • Implementing Authentication for a Self-hosted Registry
  • Registry Security scanning
  • Docker Content Trust Signature Verification
  • Demo & Labs





Tools for Docker Security
  • Docker Bench for Security
  • Clair
  • Cilium
  • Anchore
  • OpenSCAP Workbench
  • Dagda
  • Notary
  • Grafaes
  • Sysdig Falco
  • Banyanops Collector
  • Dockscan
  • Batten
  • BlackDuck Docker security
  • Inspec
Managing Security in a Docker Swarm Cluster
  • Module Outline
  • Securing Communication Between Cluster Nodes
  • Using Secrets to Manage Sensitive Artifacts
  • Autolocking a Cluster to Protect the Encryption Key
  • Managing the Availability of a Swarm Cluster
  • Recovering from a Lost Quorum
  • Demo & Labs

Agenda: Deep Dive into Docker Security (Online)

The Docker platform is a key ingredient in the packaging and delivery of container-based application services. Docker is designed to be secure by default. But like most such things, Docker can be made even more secure. This course will give you all the knowledge you need to enable you to securely manage the operation of a Docker platform. For containers, security must be baked into infrastructure — and that starts with the security resources that are available as part of Docker Community Edition and Docker Enterprise.

Day - 1
Why Containers Present Special Security Challenges
  • Docker Security Challenges
  • Protecting Your Docker Containers
  • CI/CD and Pre-deployment Security
  • Container Privileges
  • Static Analysis
  • Runtime Security
  • Docker Hardening Standard
  • Incident Response
  • Docker Logging
Docker vulnerabilities and threats to battle
  • Docker host and kernel security
  • Docker container breakout
  • Container image authenticity
  • Container resource abuse
  • Docker security vulnerabilities present in the static image
  • Docker credentials and secrets
  • Docker runtime security monitoring
  • Best Practices

Establishing a Baseline for Docker Platform Security
  • Defining the Docker Platform
  • Acting on Docker Platform Security Vulnerabilities
  • Determining What Needs to Be Secured
  • Measuring How Secure a Docker Platform Is
  • Testing a Docker Platform for CIS Docker Benchmark Compliance
  • Demo & Labs
  • Best Practices
Day - 2
Optimizing the Configuration of the Docker Host
  • Employing Minimal Operating Systems
  • Kernel namespaces
  • Control groups
  • Deploying Docker on RancherOS in the Cloud
  • Hardening the Host Operating System
  • Keeping the Docker Engine Current
  • Auditing Important Docker Artifacts
  • Kernel namespaces
  • Creating Audit Rules for the Docker Host
  • Linux kernel capabilities
  • Demo & Labs
  • Best Practices
Configuring the Docker Daemon for Security
  • Module Outline
  • Controlling Access to the Docker Daemon Socket
  • Using TLS to Protect the Docker Daemon
  • Configuring TLS for the Docker Client and Daemon
  • Minimizing the Risk Associated with a Container Breakout
  • Implementing User Namespaces for Containers
  • Demo & Labs
  • Best Practices




Enhancing Access Control to the Docker Platform
  • Docker daemon attack surface
  • Enhancing the Default Access Control Mechanism
  • The Docker Plugin API
  • Introducing the Open Policy Agent Docker Authorization Plugin
  • Defining Authorization Policy with Rego
  • Implementing Fine-grained Access Control to the Docker Platform
  • Demo & Labs
  • Best Practices
Day - 3
Deploying a Secure Docker Registry
  • Enabling the Use of Insecure Registries
  • Securing Communication with a Self-hosted Docker Registry
  • Configuring TLS for the Docker Daemon and Registry
  • Controlling Access with Basic Authentication
  • Controlling Access with Token-based Authentication
  • Implementing Authentication for a Self-hosted Registry
  • Registry Security scanning
  • Docker Content Trust Signature Verification
  • Demo & Labs





Tools for Docker Security
  • Docker Bench for Security
  • Clair
  • Cilium
  • Anchore
  • OpenSCAP Workbench
  • Dagda
  • Notary
  • Grafaes
  • Sysdig Falco
  • Banyanops Collector
  • Dockscan
  • Batten
  • BlackDuck Docker security
  • Inspec
Managing Security in a Docker Swarm Cluster
  • Module Outline
  • Securing Communication Between Cluster Nodes
  • Using Secrets to Manage Sensitive Artifacts
  • Autolocking a Cluster to Protect the Encryption Key
  • Managing the Availability of a Swarm Cluster
  • Recovering from a Lost Quorum
  • Demo & Labs

FAQs

Can I attend a Demo Session?

To maintain the quality of our live sessions, we allow limited number of participants. Therefore, unfortunately live session demo cannot be possible without enrollment confirmation. But if you want to get familiar with our training methodology and process or trainer's teaching style, you can request a pre recorded Training videos before attending a live class.

Will I get any project?

We do not have any demo class of concept. In case if you want to get familiar with our training methodology and process, you can request a pre recorded sessions videos before attending a live class?

Who are the training Instructors?

All our instructors are working professionals from the Industry and have at least 10-12 yrs of relevant experience in various domains. They are subject matter experts and are trained for providing online training so that participants get a great learning experience.

Do you provide placement assistance?

No, But we help you to get prepared for the interview. Since there is a big demand for this skill, we help our students for resumes preparations, work on real life projects and provide assistance for interview preparation.

What are the system requirements for this course?

The system requirements include Windows / Mac / Linux PC, Minimum 2GB RAM and 20 GB HDD Storage with Windows/CentOS/Redhat/Ubuntu/Fedora.

How will I execute the Practicals?

In Cloud, We can help you setup the instance in cloud (AWS, Cloudshare & Azure), the same VMs can be used in this training.
Also, We will provide you with step-wise installation guide to set up the Virtual Box Cent OS environment on your system which will be used for doing the hands-on exercises, assignments, etc.

What are the payment options?

You can pay using NetBanking from all the leading banks. For USD payment, you can pay by Paypal or Wired.

What if I have more queries?

Please email to contact@DevopsSchool.com

What if I miss any class?

You will never lose any lecture at DevOpsSchool. There are two options available:

You can view the class presentation, notes and class recordings that are available for online viewing 24x7 through our site Learning management system (LMS).

You can attend the missed session, in any other live batch or in the next batch within 3 months. Please note that, access to the learning materials (including class recordings, presentations, notes, step-bystep-guide etc.)will be available to our participants for lifetime.

Do we have classroom training?

We can provide class room training only if number of participants are more than 6 in that specific city.

What is the location of the training?

Its virtual led training so the training can be attended using Webex | GoToMeeting

How is the virtual led online training place?

What is difference between DevOps and Build/Release courses?

Do you provide any certificates of the training?

DevOpsSchool provides Course completion certification which is industry recognized and does holds value. This certification will be available on the basis of projects and assignments which particiapnt will get within the training duration.

What if you do not like to continue the class due to personal reason?

You can attend the missed session, in any other live batch free of cost. Please note, access to the course material will be available for lifetime once you have enrolled into the course. If we provide only one time enrollment and you can attend our training any number of times of that specific course free of cost in future

Do we have any discount in the fees?

Our fees are very competitive. Having said that if we get courses enrollment in groups, we do provide following discount
One Students – 5% Flat discount
Two to Three students – 10% Flat discount
Four to Six Student – 15% Flat discount
Seven & More – 25% Flat Discount

Refund Policy

If you are reaching to us that means you have a genuine need of this training, but if you feel that the training does not fit to your expectation level, You may share your feedback with trainer and try to resolve the concern. We have no refund policy once the training is confirmed.

Why we should trust DevOpsSchool for online training

You can know more about us on Web, Twitter, Facebook and linkedin and take your own decision. Also, you can email us to know more about us. We will call you back and help you more about the trusting DevOpsSchool for your online training.

How to get fees receipt?

You can avail the online training reciept if you pay us via Paypal or Elance. You can also ask for send you the scan of the fees receipt.

Hear Words Straight From Our Clients About DevOpsSchool
Participant's Feedback
Testimonials
  Call us on +91 700 483 5930   |   +91 700 483 5706     Contact@DevopsSchool.com