Certified Kubernetes Security Specialist (CKS) Certification Training Course

Certified Kubernetes Security Specialist (CKS) Certification Training Course Overview

Enroll for the 4-day Certified Kubernetes Security Specialist (CKS) Training course from Koenig Solutions. This course assures that a CKS has the skills, knowledge, and competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtime. 

Target Audience:

The course is intended for cloud-native professionals to demonstrate security skills to current and potential employers.

Learning Objectives:

After completing this course, you will be able to:

  • Cluster Setup    
  • Cluster Hardening           
  • System Hardening          
  • Minimize Microservice Vulnerabilities    
  • Supply Chain Security    
  • Monitoring, Logging, and Runtime Security


This course prepares you for Exam CKS. Test your current knowledge Qubits42

Certified Kubernetes Security Specialist (CKS) Certification Training Course (Duration : 32 Hours) Download Course Contents

Live Virtual Classroom
Group Training 1400
01 - 04 Nov 09:00 AM - 05:00 PM CST
(8 Hours/Day)

06 - 09 Dec GTR 09:00 AM - 05:00 PM CST
(8 Hours/Day)

1-on-1 Training (GTR) 1600
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

GTR=Guaranteed to Run
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Special Solutions for Corporate Clients! Click here
Hire Our Trainers! Click here

Course Modules

Module 1: Cluster Setup
  • Verify Platform Binaries before Deploying
Module 2: Cluster Hardening
  • Restrict Access to Kubernetes API
  • Use Role Based Access Controls to Minimize Exposure
  • Exercise Caution in Using Service Accounts e.g. Disable Defaults, Minimize Permissions on Newly Created Ones
  • Update Kubernetes Frequently
Module 3: System Hardening
  • Minimize Host OS Foorprint (Reduce Attack Surface)
  • Minimize IAM Roles
  • Minimize External Access to the Network
  • Appropriately Use Kernel Hardening Tools Such as AppArmor, Seccomp
Module 4: Minimize Microservice Vulnerabilities
  • Setup Appropriate OS Level Security Domains e.g. Using PSP, OPA, Security Contexts
  • Manage Kubernetes Secrets
  • Use Kubernetes Runtime Sandboxes in Multi-Tenant Environments (e.g. Gvisor, Kata Containers)
  • Implement Pod to Pod encryption by use of MTLS
Module 5: Supply Chain Security
  • Minimize Base Image Footprint
  • Secure your Supply Chain: Whitelist allowed Registries, Sign and Validate Images
  • Use Static Analysis of User Workloads (e.g. Kubernetes Resources, Docker Files) Scan Images for
  • Known Vulnerabilities
Module 6: Monitoring, Logging and Runtime Security
  • Perform Behavioral Analytics of Syscall Process and File Activities at the Host and Container Level to Detect Malicious
  • Activities
  • Detect Threats within Physical Infrastructure, Apps, Networks, Data, Users and Workloads
  • Detect All Phases of Attack Regardless Where It Occurs and How It Works
  • Perform Deep Analytical Investigation and Identification of Bad Actors within Environment Ensure
  • Immutability of Containers at Runtime
  • Use Audit Logs to Monitor Access
Download Course Contents

Request More Information

Course Prerequisites
  • Candidates must have taken and passed the Certified Kubernetes Administrator (CKA) exam prior to attempting the CKS exam.