Docker and Kubernetes Security Workshop
> Services for your people > Docker and Kubernetes Security Workshop
Docker and Kubernetes Security Workshop
Do you want to learn how to attack and exploit containers on a Kubernetes cluster? This one-day workshop will teach you how to break out of containers and become a Kubernetes cluster admin by abusing and exploiting common misconfigurations.
During this workshop, the participants will perform various container escape scenarios in our dedicated lab environment. In addition, a vulnerable Kubernetes cluster will be available to the participants which will be attacked. Get insights in how an attacker can abuse your workloads and how to prevent configuration pitfalls when setting up your environment. This is a very interactive workshop with exercises, demonstrations and hands-on material.
Why should you attend?
- Get to know the basics of Docker and Kubernetes security
- Gain an insight in the attack surface of Docker and Kubernetes
- Learn about common security misconfigurations
- Learn to attack and exploit misconfigured containers in our lab
- Learn to attack and exploit a misconfigured Kubernetes cluster in our lab
Intended Audience
This training is suitable for:
- Pentesters
- Developers
- Students
- Security testers
- Security enthusiasts
- General security practitioners
- Anyone with an interest in Docker/Kubernetes and technical affinity
This training is devised for technical personnel. Participants may vary in skill level from no experience to novice in pentesting and working with containers or Kubernetes. A basic understanding of Linux and command line is needed. Experience with Docker or Kubernetes is not required. All basic concepts will be addressed. during the workshop as a refresher.
Required Skills & Expertise
This training is devised for technical personnel. A basic understanding of Linux command line and infrastructure is needed. Experience with Docker or Kubernetes is not required. All basic concepts will be addressed during the workshop as a refresher.
Workshop Program
In this one-day hands-on workshop, we split the day in a morning and afternoon part. Depending on your organization and the skills of the participants, the program and technical-depth of the contents can be adapted.
Time |
Topic |
Description |
9:00 |
Introduction to Containers |
What are containers? |
10:30 |
Coffee break |
|
Docker Misconfigurations |
How to exploit them |
|
Hands-on Docker hacking |
Escape from four different containers |
|
12:00 |
Lunch |
|
Introduction to Kubernetes |
Components, usage, and misconfigurations |
|
Kubernetes Attack Surface |
Attacking the different components |
|
14:45 |
Coffe break |
|
Kubernetes Lab |
Hands-on, attacking a vulnerable Kubernetes cluster and capture flags spread throughout the cluster. |
|
Wrap up with questions and answers |
More Information
If you are interested in hosting this interactive and tailored training at your company, please let us know via the contact form, by telephone +31 (0)88 888 31 00 or email info@secura.com.

ABOUT SECURA
Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.
Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.