Containers Hardening Workshop
RCCE students will learn container security including Docker security configurations, container image scanning, runtime protection, orchestrator security, container networking, and container forensics. RCCE students will learn to build secure container images following minimal base image and multi-stage build practices, scan images for vulnerabilities and misconfigurations, implement container runtime security using seccomp, AppArmor, and SELinux profiles, configure Docker daemon security, isolate container workloads, monitor container behavior for anomalies, investigate compromised containers, and establish container security governance across development and operations teams. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. At an expert level, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Containers Hardening Workshop
- Execute hands-on tasks for containers hardening workshop
- Execute hands-on tasks for advanced cyber defense mastery
- Explain Executive Overview fundamentals
- Execute hands-on tasks for why container hardening matters — covering Containers expand attack surface rapidly.
- Measure attack surface reduction and program effectiveness
- Execute hands-on tasks for operational efficiency
- Execute hands-on tasks for compliance alignment — covering Minimize container escape risk, Automate security baselines, CIS Docker Benchmark.
- Execute hands-on tasks for core definitions & terminology
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for applications / microservices
- Execute hands-on tasks for attack surface areas
- Execute hands-on tasks for container engine (docker, podman)
| Module 01 | Containers Hardening Workshop |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Executive Overview |
| Module 04 | Why Container Hardening Matters |
| Module 05 | Risk Reduction |
| Module 06 | Operational Efficiency |
| Module 07 | Compliance Alignment |
| Module 08 | Core Definitions & Terminology |
| Module 09 | Container Architecture & Attack Surface |
| Module 10 | Applications / Microservices |
| Module 11 | Attack Surface Areas |
| Module 12 | Container Engine (Docker, Podman) |
| Module 13 | Container Stack |
| Module 14 | Container Threat Landscape |
All hands-on labs run on Rocheston Rose X OS. Students practice containers hardening workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for containers hardening workshop
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Explain Executive Overview fundamentals
- Lab 4: Execute hands-on tasks for why container hardening matters
- Lab 5: Measure attack surface reduction and program effectiveness
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Containers Hardening Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI