Docker & Kubernetes Security

Docker & Kubernetes Security

Learn how to securely orchestrate and operate containers.


Created for teams that rely on Docker and Kubernetes for their daily work, this training is an extensive guide to security aspects of both tools. We teach, how to attack Kubernetes-based environments, which attack vectors are available, which are the most crucial, what are the best practices regarding containerized environments, and how to defend against malicious actors. This training is meant to teach you how to secure containers, pods, and clusters against the threats you will surely encounter.

Good understanding of Linux and Networking topics are highly recommended, if not required. The training consists of five days of extremely hard work, as the knowledge presented is professionally considered highly difficult and elite.

On-site, ask to schedule

Ask for this training

Type of training

  • Exclusively on-site
  • 5 intensive days
  • Theory and laboratories

Who should attend

  • Operation teams (DevOps/DevSecOps)
  • Senior-rank Developers
  • Technology Leaders

Required knowledge

  • Docker & Kubernetes - min. Good
  • Linux - Good to Great
  • Networking - Good to Great


A sample set of laboratories

  • Infrastructure exfiltration by runC privilege escalation
  • Kubernetes exfiltration and session-persistence with Helm Charts and Tiller
  • Image-security scanning with Trivy and vulns
  • Host take-over with exposed DockerAPI
  • Denial of the service attack with crushing Docker-based application
  • Container image-poisoning
  • Information and secrets gathering from Docker image
  • Generating seccomp-profiles with a set of tools
  • Protecting Docker-container using PodSecurityPolicies
  • Auditing Kubernetes infrastructure with fast Host Intrusion Detection System implementation and Kubernetes API auditlog
  • Man in the middle for Docker-registry
  • Host-pivoting through Kubernetes infrastructure
  • Cloud account exfiltration by Cloud Metadata Server
  • Enforcing compliance by AdmissionControllers and WebHooks
  • Automated application checks


Training Concept

"Docker and Kubernetes have been widely adopted, as the most popular foundation of infrastructure. However, even though they both solve a lot of problems, for each issue solved, another takes its place. Containers and pods might be better equipped to handle the current needs and desires of your business, but if they are insecure, are the risks of devastating financial, reputation, and code-wise losses acceptable? If you cannot keep your environments safe, you are doomed, no matter if you're running Kubernetes or any other kind of orchestrator, that is for sure."

- Kamil Zabielski

Trainer, CEO, Sysdogs



"Professionalism, partnership and high-quality. We can surely say, Sysdogs is one of the most experienced companies in Poland, when speaking about security, contenerization and Kubernetes. They are deeply integrated in development process, understand the business needs and really automate all the things. Anything in DevOps and DevSecOps areas - only sysdogs!"

- Maciej Gastol

CEO, Going. Sp. z o.o.

"We have asked sysdogs for help, and they provided efficient, effective infrastructure right on time. The timeframe of this project was very limited, so naturally, we've been looking for experts, with immediate, tested and sure solutions for problems that we knew would occur. During the first meeting, the CTO has presented a few solutions for every issue we have mentioned, and more! We had no need to oversee or be significantly present in the process - the final result is perfectly in line with our requirements and needs, and requires little attention, so we can focus on growing the project with peace of mind. True DevOps magic, delivered by true DevOps magicians. Great cooperation, and understanding of the business. Worth recommending."

- Michał Kurdziel

CTO, StarTerra

"Sysdogs were recommended to us, and now we know why - they fulfill all your expectations, and go even beyond those. Our time was limited, but for Sysdogs this wasn't a problem, everything was delivered efficiently and on time. Brilliant solutions, quick and spot-on. Dependable people that you can trust with your business. We will recommend them to everyone we can, with pleasure. Unbeatable, true DevOps magicians."

- Simon Rahme

COO, Loop Finance

"sysdogs is not just an another software company which claims to do DevOps. They are a team of enthusiasts with many years of experience in the field of System Administration, Infrastructure, Network and Security that loves what they do. They are real professionals, act as a real partner who is ready to advise and is not afraid of pointing your mistakes. If you have any needs in DevOps area - they should be your first choice!"

- Karol Wiszowaty

COO, Inspeerity

"At every moment of our cooperation, our wishes and expectations were met and exceeded by the Sysdogs team. Thanks to their knowledge in the creation of our new cloud infrastructure, we have created a foundation for scalable and secure network applications. A pro-customer approach at every stage of implementation makes cooperation with Sysdogs a real pleasure."

- Tymoteusz Wisniowski

Manager, ROLV Group Sp. z o.o.

"Choosing the right team for cooperation is not simple. In case of a dynamic business like ours, we wanted our partner to also meet a number of specific requirements. It turned out that the sysdogs team fit perfectly. Many months of cooperation have shown us, that they always provide the best solutions. Their commitment and professionalism does not dissapear after the first month of partnership. The latest technologies, high-quality communication, business consulting - that's what you can expect. If you are looking for DevOps, DevSecOps or cloud engineers, look no further - this is the team of high-class specialists that you need."

- Tomasz Wojtkiewicz

CEO, Nextbike Poland

"Sysdogs has reduced the delivery time of the applications and has delivered high-quality infrastructures. The team creates solutions that are tailored for the business needs and requirements. Overall, their vast experience in DevOps ensures a successful ongoing partnership."

- Maciej Kurek

CTO, Library X

"Thanks to Sysdogs engagement, the production environment can expect to process four petabytes of data growing by 200-500 GB a day with consistency and productivity. The team has established multiple communication tools to provide progress updates. Their optimal solutions are impressive."

- Maciej Lach

CTO, big xyt

How to order?

Contact us, we would love to talk about the training on a scheduled meeting.

We want to ensure you, that every incoming inquiry is important to us, treated with the highest level of care, and also guarantee, that you will receive a response within 48 hours or less.

Send an inquiry!
Each inquiry is treated individually.
Response within 48 hours guaranteed!