Skip to content

[Free Training Workshop] Learn how to prevent, detect and mitigate container based threats using Calico Cloud

Notifications You must be signed in to change notification settings

tigera-solutions/prevent-detect-and-mitigate-container-based-threats

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

62 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

prevent-detect-and-mitigate-container-based-threats

main

Using a recent real-world example, we'll illustrate how to prevent, detect and mitigate the risk of container-based threats using Calico Cloud.

The Spring Boot web application used in this workshop is vulnerable to Log4Shell (CVE-2021-44228).

Learning Objectives

This workshop will teach you how to use Calico Cloud to protect mission-critical applications from container-based threats. You will learn how to assess your applications for vulnerabilities before deploying them to Kubernetes clusters, and how to set policies to control whether they are allowed to run. You will also learn how to exploit a vulnerable application to exfiltrate sensitive information and gain remote access. Finally, you will learn how to detect and observe attacks in real-time, isolate the intruder elements, and gather evidence to report the incident.

We will guide you through the following Calico Cloud use cases:

Image Assurance

  • Detect vulnerabilities in container images at build and runtime.

  • Use policy to prevent vulnerable container images from being deployed.

Dynamic Service and Threat Graph

  • Expose reconnaissance gathering and exploitation attempts.

  • Observe data exfiltration of sensitive information leaving the cluster.

Deep Packet Inspection

  • Detect exploitation attempts by evaluating workload traffic against intrusion detection signatures.

Malware Detection

  • Detect the presence of malicious files and processes in compromised workloads.

Workload-based Web Application Firewall (WAF)

  • Detect and block OWASP top 10 and other threats like Log4Shell.

Workshop Prerequisites

Workshop Modules

Reference

About

[Free Training Workshop] Learn how to prevent, detect and mitigate container based threats using Calico Cloud

Topics

Resources

Stars

Watchers

Forks

Contributors 4

  •  
  •  
  •  
  •