Kubernetes Playbook for Teams
RCCE students will learn Kubernetes container orchestration security including cluster hardening, pod security policies/standards, RBAC configuration, network policies, secrets management, admission controllers, and runtime security monitoring. RCCE students will learn to secure Kubernetes clusters from deployment through runtime, configure role-based access control for cluster resources, implement pod security standards to restrict container capabilities, write network policies for micro-segmentation, manage secrets securely within clusters, deploy admission controllers to enforce security policies, scan container images for vulnerabilities, and monitor cluster activity for suspicious behavior. This team-oriented course builds collaborative workflows and organizational playbooks for security operations. Starting from foundational concepts, RCCE students will learn to create and implement standardized procedures that enable consistent performance across team members and shifts. Students develop the documentation, communication, and coordination skills needed for effective team-based security operations.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Kubernetes Playbook for Teams
- Execute hands-on tasks for kubernetes playbook
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn — covering Kubernetes cluster security architecture, RBAC, pod security, network policies.
- Execute hands-on tasks for team playbook skills — covering Standardized security procedures, Cross-team communication workflows.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for control plane components
- Execute hands-on tasks for worker node components — covering kube-apiserver: API gateway for all operations, kubelet: node agent, pod lifecycle.
- Execute hands-on tasks for kubernetes security attack surface — covering Unauthenticated access, Token theft, Unencrypted data at rest.
- Execute hands-on tasks for api server — covering Unauthenticated access, Token theft.
- Execute hands-on tasks for container runtime — covering Escape vulnerabilities, Privileged containers.
- Explain Cluster Hardening Overview fundamentals — covering Disable anonymous auth, Enable audit logging, Enable encryption at rest.
- Execute hands-on tasks for api server lockdown — covering Disable anonymous auth, Enable audit logging.
| Module 01 | Kubernetes Playbook |
| Module 02 | Course Overview |
| Module 03 | What You Will Learn |
| Module 04 | Team Playbook Skills |
| Module 05 | Kubernetes Architecture Fundamentals |
| Module 06 | Control Plane Components |
| Module 07 | Worker Node Components |
| Module 08 | Kubernetes Security Attack Surface |
| Module 09 | API Server |
| Module 10 | Container Runtime |
| Module 11 | Cluster Hardening Overview |
| Module 12 | API Server Lockdown |
| Module 13 | Node Security |
| Module 14 | Network Segmentation |
All hands-on labs run on Rocheston Rose X OS. Students practice kubernetes playbook for teams by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for kubernetes playbook
- Lab 2: Explain Course Overview fundamentals
- Lab 3: Execute hands-on tasks for what you will learn
- Lab 4: Execute hands-on tasks for team playbook skills
- Lab 5: Design a scalable privilege management architecture with policy and enforcement
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Kubernetes Playbook for Teams, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI