Certified Container Security ExpertTM
Become a Container Security Expert. From Container fundamentals to advanced defense tactics, learn to identify, exploit, and protect containerized apps in real-world scenarios. 87% of learners report improved security posture within 2 months. Our Container Security Experts are used by 8 of 10 Fortune 500 tech companies.
Over 5,000+
Learners Certified
Self-paced learning
Browser based lab access
24/7 Instructor support
Self-paced learning mode
Browser based lab access
24/7 Instructor support
Self-paced learning mode
Browser based lab access
24/7 Instructor support
Trusted by top companies across industries, empowering thousands of professionals worldwide. Join the ranks of security leaders
Prerequisites
- Course participants should have knowledge of running basic Linux commands like ls, cd, mkdir, etc.,
Chapter 1: Introduction to Containers
- What is a container?
- Basics of a container and its challenge
- Container vs. Virtualization
- Container Advantages
- Container Disadvantages
- Container fundamentals
- Namespaces
- Cgroup
- Capabilities
- Docker architecture and its components
- Docker CLI
- Docker Engine (Daemon, API)
- Docker Runtime (containerd, shim, runc)
- Interacting with container ecosystem
- Docker images and image layers
- Build Container images using Dockerfile
- Docker image repository
- Running a container
- Managing / Orchestrating multiple containers
- Using CLI/API to manage multiple containers
- Docker Compose
- Docker Swarm
- Kubernetes
- Docker alternatives
- Podman
- CRI-O
- Hands-on Exercises:
- Working With Docker Command
- Docker Networking
- Manage Data in Docker
- Create Docker Image using Dockerfile
- Writing Dockerfile
- How To Use Container Registry
- Learn Docker Compose
- Working With Docker SDK
- Creating Container Snapshots
Chapter 2: Container Reconnaissance
- Overview of Container Security
- Attack surface of the container ecosystem
- Identifying the components and their security state
- Get an inventory of containers
- Docker Images
- Dockerfile and Environment variables
- Docker volumes
- Docker Networking
- Ports used/Port forwarding
- Docker Registries
- Exhaustive review of Namespaces, cgroups and capabilities
- Get an inventory of containers
- Analysis of the attack surface
- Using native tools
- Using third-party tools
- Hands-on Exercises:
- Using Built-in Docker Tools for Reconnaissance
- Use Third-party Tools for Image Inspection
- Scanning the Remote Host for Unauthenticated Docker API Access
- Identify a Container and Extract Sensitive Information
- Create and Restore a Snapshot of the Container for Further Analysis
What you’ll learn from the Certified Container Security Expert Course?
Build comprehensive container fundamentals as you deploy and manage Docker containers, images, and registries through hands-on exercises with live environments.
Identify attack surfaces across container ecosystems by analyzing Docker components, volumes, networks, and registries using both native and specialized third-party tools.
Execute powerful container attacks including image backdooring, registry exploitation, privilege escalation, and Docker daemon attacks to understand real-world threats.
Implement robust container defenses through secure image building, Seccomp/AppArmor hardening, vulnerability scanning, and CI/CD security integration.
Deploy effective container monitoring systems using specialized tools like Sysdig Falco, Tracee, and Wazuh to detect and respond to container security incidents.
Limit blast radius during container compromises by applying practical isolation techniques, network segregation, and defense-in-depth strategies for containerized apps.
Chapter 3: Attacking Containers and Containerized Apps
Note: Every topic/sub topic has an exercise in this module
- Containers Attack Matrix
- Image-based attacks
- Malicious Images
- Extracting passwords, tokens, TLS certs, etc.
- Exploiting vulnerable components
- Registry-based attacks
- Insecure Docker registries
- Open Docker registries
- Lack of authorization (RBAC)
- Container-based attacks
- Manipulating the Privileged mode containers
- Attacking mounted docker volumes
- Abusing SetUID/SetGID binaries
- Exploiting shared namespaces
- Attacking Linux capabilities
- Docker host (Daemon) / kernel attacks
- Exploiting unauthenticated Docker API
- Insecure Docker endpoint
- Lack of network segregation
- Denial of service attacks
- Kernel exploits
- Privilege escalation methods in Docker
- Security misconfigurations
- Attacking management tools (Portainer)
- Exploiting OWASP Top 10 issues in containerized apps
- Security misconfigurations
- Hands-on Exercises:
- Backdooring Docker Image
- Inspecting Docker Daemon Activity
- Malicious Container Image
- Exploiting Containerized Apps
- Unsecured Docker Daemon
- Docker Exploitation using deepce
- Attacking Misconfigured Docker Registry
Chapter 4: Defending Containers and Containerized Apps on Scale
- Container image security
- Building secure container images
- Choosing base images
- Distroless images
- Scratch images
- Security Linting of Dockerfiles
- Static Analysis(SCA) of container images
- Scan for vulnerabilities in container
- Choosing the right container scanner tool for your needs
- Building secure container images
- Docker Daemon security configurations
- Docker user remapping
- Docker runtime security (gVisor, Kata)
- Docker socket configuration
- fd
- TCP socket
- TLS authentication
- Dynamic Analysis of the container hosts and daemons
- Docker host security configurations
- Kernel Hardening using Seccomp and AppArmor
- Custom policy creation using Seccomp and AppArmor
- Network Security in containers
- Segregating networks
- Misc Docker Security Configurations
- Content Trust and Integrity checks
- Docker Registry security configurations
- Private vs. Public Registries
- Authentication and Authorization (RBAC)
- Built-in Image scanning capabilities
- Policy enforcement
- DevOps CI/CD Integration
- Docker Tools, Techniques and Tactics
- Tools
- Dive (Forensic)
- Dockle
- Techniques
- Tactics
- Tools
- Hands-On Exercises:
- Static Analysis using Hadolint
- Scanning Docker for Vulnerabilities With Trivy
- Embedding Trivy Scanning in GitLab CI
- Build a Secure, Miniature Image With Distroless To Minimize Attack Footprint
- Minimize Docker Security Misconfigurations With CIS Compliance
- Securing Container Images by Default Using Harbor
- Signing Container Images for Trust
Chapter 5: Security Monitoring of Containers
- Monitoring Docker events, logs
- Incident response in containers
- Docker runtime prevention
- Policy creation, enforcement, and management
- Docker security monitoring using Wazuh
- Hands-On Exercises:
- Auditing Docker using AuditD
- Sysdig Falco – Runtime Protection and Monitoring
- Tracee – Runtime Security
Practical DevSecOps Certification Process
- After completing the course, you can schedule the CCSE exam on your preferred date.
- Process of achieving Practical DevSecOps CCSE Certification can be found on the exam and certification page.
Benefits of enrolling in the
Practical DevSecOps Courses
Master today’s security challenges with our updated curriculum and hands-on labs, preparing you for real-world threats.
Browser-based lab
Access all tools and exercises directly in your browser. Enjoy a practical, hassle-free learning experience - no downloads or installations needed!
Explore commands with our new AI-Powered 'Explain to me' feature
Gain detailed insights into any command with our AI-powered feature, designed to enhance your understanding and accelerate your learning.
Master cutting-edge tools
Enhance your security skills through hands-on experience with the latest industry tools in our labs. Get equipped for real-world applications and stay ahead of industry changes.
Frequently asked questions (FAQs)
What are the prerequisites required before enrolling in the Container Security Certification Course?
Basic Linux command knowledge is required before enrolling in this course.
What’s included in the Container Security Certification Course package?
Your package includes 3-year access to all course videos, 30-day access to browser-based labs, a comprehensive PDF manual, 24/7 technical support, and one certification exam attempt.
Do the Labs for the Container Security Certification Course Start Immediately after enrollment?
No, After enrollment, you’ll select your preferred start date. Your course access begins on your chosen date rather than automatically after purchase.
Does the Container Security Certification Course come with CPE points?
Yes, the Container security course gives you 24 CPE points.
What is the Exam Format for the Container Security Certification Course?
The exam consists of 5 practical challenges to be completed within 6 hours, followed by a 24-hour window to prepare and submit your exam report. For more information, visit this link.
Should I go to an exam center, or is the exam online?
Yes, The exam is entirely online, allowing you to complete it from your home or office.
How long is the Container Security certification valid?
The Container Security Expert Certification is a lifetime credential with no renewal requirements.
Why Certified Container Security Expert Course from Practical DevSecOps?
The Container Security Expert Training from Practical DevSecOps offers several compelling advantages:
Comprehensive curriculum: The course covers the complete container security lifecycle – from fundamentals to advanced monitoring and defense strategies. You’ll gain expertise in all aspects of container security.
Practical, hands-on approach: Each chapter includes multiple hands-on exercises that reinforce theoretical concepts with real-world applications. You’ll work directly with tools like Docker, Trivy, Falco, and more.
Both offensive and defensive skills: The training doesn’t just teach you how to defend – it also shows you how attackers think. You’ll learn attack techniques (chapter 3) and then how to defend against them (chapter 4).
Industry-relevant tools: The curriculum incorporates widely used security tools in the container ecosystem, preparing you to work with technologies actually used in enterprise environments.
Scalable security knowledge: The course progresses from single container security to managing security at scale, making it valuable whether you work with small deployments or large container orchestration systems.
If you’re looking to build specialized security skills in containerization – an increasingly critical area of modern infrastructure – this curriculum appears to provide both depth and breadth of knowledge with a strong emphasis on practical application.
Hear from our learners
Explore the global impact of our Container Security Certification through our learners’ testimonials.
After two months of studying and a grueling 12-hour exam last Saturday, I'm happy to share I can now call myself a Certified DevSecOps Professional!
Would recommend the course to anyone that wants to really get hands-on and technical with tooling such as SCA, SAST, DAST, IaC and CaC.
I received good news over the Thanksgiving week: I passed my Certified Container Security Expert exam! This is exam is provided by the Practical DevSecOps training group, which I highly recommend for hands-on skills in the DevSecOps field. The practical labs and 6 hour exam covers a number of security strategies and tools, including: Harbor, Cosign, Trivy, Grype, Snyk, Dockle, Seccomp and many more! The training is FIRST CLASS!
I am happy to share that I have lately gained the Practical DevSecOps Professional Certification (CDP).
Thanks to the Practical DevSecOps team, for both excellent material and a lot of great practical labs.
The certification finished off with a challenging 12 hours practical exam and extensive report writing.
I'm excited to share that I have successfully obtained the CCNSE certification!
This accomplishment has provided me with advanced abilities to effectively secure microservices, containers and Kubernetes environments.
I now possess comprehensive expertise in handling attacks, implementing defenses, and ensuring compliance within these complex systems.
I would like to give big thanks to the very responsive team at Practical DevSecOps.
After two months of studying and a grueling 12-hour Practical exam, I'm happy to share that I can now call myself a Certified DevSecOps Professional!
Warmly recommend this excellent course for technical architects, or engineers who want to gain hands-on skills on how to embed security across modern SDLC.
The labs covered running below mentioned security tools using Docker and building E2E DevOps pipeline with integrated security automation using GitLab, Jenkins, CircleCI, and GitHub Actions.
SCA, SAST, DAST, Infra as Code/hardening (IaC), Compliance as Code(CaC), Vulnerability mgmt
Thanks Practical DevSecOps
This was a great course with practical training for how to embed automated security scanning into a CI/CD pipeline, plus hardening and compliance checks using an everything-as-code approach. Finishing off with a challenging 12 hour practical exam and extensive report writing requirement and assessment to gain the Certified DevSecOps Professional (CDP) certificate. Thanks to Mohammed A. Imran and Raj Shekar of Practical DevSecOps.
After very challenging 12-hours hands-on exam and preparing extensive exam report I am now Certified DevSecOps Professional (CDP)!
The quality of the course material was surprisingly good and the lab environment is better than any other that I've come across. And in the AppSec field, I have seen quite a few of them. If you want to learn about application security, CI/CD pipelines, Docker, IaC, CaC, SAST, DAST, SCA and these other crazy but very cool acronyms and buzzwords, you would be very wise to join this course.
Whoa! After completing 139 lab exercises and intensive 12 hour exam in 1,5 months, I am finally a Certified DevSecOps Professional too. 🎉
Warmly recommend this excellent course for technical Product Owners, architects or engineers who want to gain hands-on skills on how to embed security across modern SDLC.
The labs covered running below mentioned security tools using Docker and building E2E DevOps pipeline with integrated security automation using GitLab, Jenkins, CircleCI and GitHub Actions.
SCA: Safety, pip-audit, RetireJS, dependency-check, Snyk, npm audit, auditjs, bundler-audit SAST: Trufflehog, detect-secrets, Bandit, Gosec, semgrep, hadolint, FindSecBugs, njsscan, pylint, Brakeman, SonarQube DAST: nikto, nmap, SSLyze, ZAP, Dastardly Infra as Code/hardening: Ansible, AnsibleVault, TFLint, Checkov, Terrascan, tfsec, Snyk Compliance as Code: Inspec for CIS Benchmark, ASVS, Docker compliance Vulnerability mgmt using DefectDojo
I am happy to share that I have lately gained the Practical DevSecOps Professional Certification (CDP).
Thanks to the Practical DevSecOps team, for both excellent material and a lot of great practical labs.
The certification finished off with a challenging 12 hours practical exam and extensive report writing.
I recently took the Certified DevSecOps Professional (CDP) certification from Practical DevSecOps. I would recommend the course for anybody that is interested in DevSecOps. The course material was well-written and presented. The labs were very helpful for real-world applications, and the test was a fun challenge.
Future-Proof Your Career with Container Security Training
Unlock your potential with Container Security Training! Our Certified Container Security Expert Course equips you with job-ready skills. Conquer the 6-hour exam with confidence and open doors to exciting opportunities and Challenges.
Unmatched practical focus
70% hands-on labs for Master real-world scenario’s.
Expert-crafted curriculum
Get real-world insights from the experienced Security Experts.
Practical exam
Take a 6-hour examination to show what you have learned.
24/7 expert support
Unbeatable guidance throughout your learning journey.