Securing Containerized Workloads

Overview

Part of	-
Duration	3 days
Course Time	9:00am to 5:00pm
Enquiry	Please email ask-iss@nus.edu.sg for more details.

The "Securing Containerized Workloads" course is a comprehensive 3-day intensive programme designed to equip participants with the knowledge and practical skills required to implement robust security practices across containerized environments.

The course begins with foundational container security, focusing on how to build hardened container images, write secure build files, and configure safe runtime environments. It then builds on this foundation by introducing Kubernetes platform security, covering linting resources, secrets management, RBAC, network policies, admission control, and workload isolation. The final day will focus on operational security, including how to proactively monitor and protect your containerized environment and integrate security into CI pipelines using shift-left strategies.

Throughout the course, participants will engage in challenging real-world scenario-based workshops, allowing them to apply what they’ve learned in simulated production environments.

Upcoming Classes

Class 1 22 Oct 2025 to 24 Oct 2025 (Full Time)

Duration: 3 days

When:

Oct:

22, 23, 24

Time:

09:00am to 05:00pm

Key Takeaways

Master foundational container security. Gain a comprehensive understanding of the basic building blocks of containerizing applications, from writing container build files to building minimal attack surface images and enforcing runtime security controls.
Learn hardening techniques for container applications and runtime platforms. Participants will learn how to implement security measures within container runtime platforms, including effective secrets management, access control, security as code policy enforcement, application containment for multi-tenanted environments and continuous threat detection.
Implement left-shift security in CI/CD pipelines. Develop skills to build secure CI/CD pipelines with a left-shift approach by implementing vulnerability scanning, policy validation, and automated security testing early in the development lifecycle.
Challenged by practical, real-world scenario workshops. Daily hands-on workshops with realistic real-world scenarios to reinforce theoretical knowledge using popular tools.

Who Should Attend

DevOps engineers
Security engineers and cloud security professionals
Site Reliability engineers
Solution architects
Technical leads

Pre-requisites

Basic Linux shell skills. Comfortable with using the terminal to navigate directories and use basic tools like grep, cat, ls, cd, etc.
Basic networking concepts. Understand fundamental networking concepts such as basic network protocols, IP addresses and ports.
Container fundamentals. Experience with building and running containers.
Kubernetes fundamentals. Familiarity with key concepts such as Namespace, Pods, Deployment and Services.

What to Bring

No printed copies of course materials are issued.
Participants must bring their laptops with power charger to access and download course materials.

Please see below for the tech specs:

	Minimum	Recommended
Computer and processor	1.6 GHz or faster, 4-core Intel Core i7 or equivalent	1.8 GHz, 4-core Intel Core i7 or equivalent
Memory	16 GB RAM	32 GB RAM
Hard Disk	256 GB disk size, with 50GB of available disk space
Display	1280 x 1040 screen resolution (64-bit requires hardware acceleration for 4K and higher)
Graphics	Graphics hardware acceleration requires DirectX 9 or later, with WDDM 2.0 or higher for Windows 10 (or WDDM 1.3 or higher for Windows 10 Fall Creators Update).	DirectX 10 graphics card for graphics hardware acceleration
Others	An internet connection – broadband wired or wireless Speakers and a microphone – built-in or USB plug-in or wireless Bluetooth A webcam or HD webcam - built-in or USB plug-in
Software	Windows 10 or later	Latest macOS

What Will Be Covered

Building secure images. Build secure images by understanding the security challenges in a container's lifecycle and how to mitigate them.
Maintaining the integrity of the runtime environment. Use tools to catch deployment misconfigurations, manage sensitive data, and enforce policies.
Ensure service availability. Strategies to ensure service uptime with auto-scaling, access controls, resource quotas, and runtime confinement.
Continuous runtime monitoring. Implement rules and policies to detect and respond to security threats and intrusions in real-time.
Left-shift security in CI/CD pipelines. Integrate security practices into CI/CD pipelines, including image scanning, detecting secret leaks, supply chain scanning, signing images and generating SBOM.

Fees & Subsidies

Fees for 2024

	Full Fee	Singaporeans & PRs (self-sponsored)
Full course fee	S$2700	S$2700
ISS Subsidy	-	(S$270)
Nett course fee	S$2700	S$2430
9% GST on nett course fee	S$243	S$218.70
Total nett course fee payable, including GST	S$2943	S$2648.70

Note:

All fees and subsidies are valid from January 2024, unless otherwise advised.
All self-sponsored Singaporeans aged 25 and above can use their SkillsFuture Credit to pay for course fees. For more information about SkillsFuture Credit, click here.
From 1st January 2024, the GST will be increased to 9%.

Certificate

The ISS Certificate of Completion will be issued to participants who have attended at least 75% of the course and pass the required assessments.

Preparing for Your Course

NUS-ISS Course Registration Terms and Conditions

Find out more.

NUS-ISS and Learner’s Commitment and Responsibilities

Find out more.

WIFI Access

WIFI access will be made available to participants.

Venue

NUS-ISS
25 Heng Mui Keng Terrace
Singapore 119615

Click HERE for directions to NUS-ISS

In the event of a change of venue, participants are advised to refer to the acceptance email sent one week prior to the commencement date.

Course Confirmation

All classes are subject to confirmation and NUS-ISS will send an acceptance email to participants one week prior to the commencement date. Confirmed registrants are to attend and complete all lectures, class exercises, workshops and assessments (where applicable). Additionally, all responses to feedbacks and surveys conducted by NUS-ISS and its partners must be submitted. All training and assessments will be delivered as described in the course webpage.

General Enquiry

Please feel free to write to ask-iss@nus.edu.sg if you have any enquiry or feedback.

Course Resources

Develop your Career in the Following
Training Roadmap(s)

Please click on the discipline(s) to view the training roadmap of related courses to assess your training needs and goals.

Architecting the backbones of smart cities

Empowering an ecosystem of startup tech talents for the digital future

NUS-ISS /
Course

Scrolltop

More than one Google Analytics scripts are registered. Please verify your pages and templates.