Zero-Trust Approach to Kubernetes: Field Guide
RCCE students will learn Kubernetes container orchestration security, including cluster hardening, pod security policies/standards, RBAC configuration, network policies, secrets management, admission controllers, and runtime security monitoring. RCCE students will learn to secure Kubernetes clusters from deployment through runtime, configure role-based access control for cluster resources, implement pod security standards to restrict container capabilities, write network policies for micro-segmentation, manage secrets securely within clusters, deploy admission controllers to enforce security policies, scan container images for vulnerabilities, and monitor cluster activity for suspicious behavior.
This zero-trust course applies modern security principles including least privilege, continuous verification, and explicit trust evaluation. Starting from foundational concepts, RCCE students will learn to implement zero-trust architectures that assume breach and verify every access request regardless of network location. Students build practical zero-trust implementations that align with organizational security modernization goals.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing a zero-trust approach to Kubernetes
- Apply zero-trust principles to privilege decisions and elevation
- Execute hands-on tasks for Malware Triage: Field Guide
- Execute hands-on tasks for malware triage fundamentals, including performing initial triage for threat severity.
- Execute hands-on tasks for static analysis skills, including extracting file hashes and metadata.
- Execute hands-on tasks for dynamic analysis skills, including executing malware in sandbox environments.
- Build detections and response workflows for privilege escalation, including producing actionable analysis reports.
- Execute hands-on tasks for never trust, always verify
- Implement least-privilege enforcement across endpoints and roles, including treating every file as suspect by default and running samples in isolated environments.
- Execute hands-on tasks for explicit trust evaluation, including treating every alert as a potential compromise.
- Execute hands-on tasks for malware triage workflow
- Design a scalable privilege management architecture with policy and enforcement, in which each phase has pass/fail criteria.
| Module 01 | Zero-Trust Approach to |
| Module 02 | Malware Triage: Field Guide |
| Module 03 | Malware Triage Fundamentals |
| Module 04 | Static Analysis Skills |
| Module 05 | Dynamic Analysis Skills |
| Module 06 | Reporting and Response |
| Module 07 | Zero-Trust Principles in Malware Analysis |
| Module 08 | Never Trust, Always Verify |
| Module 09 | Least Privilege Execution |
| Module 10 | Explicit Trust Evaluation |
| Module 11 | Malware Triage Workflow |
| Module 12 | Phase Gate Model |
| Module 13 | Triage Priority Levels |
| Module 14 | Sample Collection Sources |
All hands-on labs run on Rocheston Rose X OS. Students practice the zero-trust approach to Kubernetes by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Apply zero-trust principles to privilege decisions and elevation
- Lab 2: Execute hands-on tasks for malware triage: field guide
- Lab 3: Execute hands-on tasks for malware triage fundamentals
- Lab 4: Execute hands-on tasks for static analysis skills
- Lab 5: Execute hands-on tasks for dynamic analysis skills
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Zero-Trust Approach to Kubernetes: Field Guide, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI