 Hello, my name is Tim Sarawitz. I'm a trainer and course developer for the Linux Foundation. Today, I'd like to talk about the Kubernetes Security Fundamentals course. This course is intended to help you secure your Cloud environment and also prepare you for the Certified Kubernetes Security Specialist or CKS exam. This is not a brain dump type course focused on just passing the exam. Instead, it is meant to touch on the topics you will need to secure your production environment. Keeping a cloud environment secure is an ongoing and wide ranging task. As more moves to the cloud, we must learn how to secure more than just Kubernetes to include the hardware, operating system, configuration options, including the many possible open source projects you may end up using. Starting in the design phase, care must be taken to secure safe hardware, firmware, operating system, and cloud software binaries, and creating secure repositories to serve images to the cloud once installed. Various tools probably should be configured prior to installing Kubernetes, including centralization of access and policies. You should also harden the operating system. Once the platform is hardened and Kubernetes installed, the Kube API server has a list of considerations, tools, and settings to limit access and configure the Kube API server in an easy to understand manner. As a network intensive environment, it becomes important to secure the network, both inside Kubernetes, as done with a network policy, as well as traditional firewall tools and pod to pod encryption. Minimizing base images, insisting on container immutability, and static and runtime analysis tools are also an important part of security, which often begins with developers and is implemented in the CICD pipeline prior to an image being used in a production cluster. Tools like AppArm and SE Linux should also be used to further protect the environment from malicious software or users. Security is more than just initial settings and configuration. It is a process of issue detection using intrusion detection tools and behavioral analytics. There needs to be an ongoing process of assessment, prevention, detection, and reaction following written and often updated policies. There is also a self-paced version, Kubernetes Security Essentials, that is available. Go to training.linuxfoundation.org and sign up today.