Home

Overview

About KCSA

KCSA Badge Reference: https://www.credly.com/org/the-linux-foundation/badge/kcsa-kubernetes-and-cloud-native-security-associate

The Kubernetes and Cloud Native Security Associate (KCSA) is a pre-professional certification designed for candidates interested in advancing to the professional level through a demonstrated understanding of foundational knowledge and skills of security technologies in the cloud native ecosystem. Reference: CNCF-KCSA

Domains & Competencies

Overview of Cloud Native Security 14%

  • The 4Cs of Cloud Native Security

  • Cloud Provider and Infrastructure Security

  • Controls and Frameworks

  • Isolation Techniques

  • Artifact Repository and Image Security

  • Workload and Application Code Security

Kubernetes Cluster Component Security 22%

  • API Server

  • Controller Manager

  • Scheduler

  • Kubelet

  • Container Runtime

  • KubeProxy

  • Pod

  • Etcd

  • Container Networking

  • Client Security

  • Storage

Kubernetes Security Fundamentals 22%

  • Pod Security Standards

  • Pod Security Admissions

  • Authentication

  • Authorization

  • Secrets

  • Isolation and Segmentation

  • Audit Logging

  • Network Policy

Kubernetes Threat Model 16%

  • Kubernetes Trust Boundaries and Data Flow

  • Persistence

  • Denial of Service

  • Malicious Code Execution and Compromised Applications in Containers

  • Attacker on the Network

  • Access to Sensitive Data

  • Privilege Escalation

Platform Security 16%

  • Supply Chain Security

  • Image Repository

  • Observability

  • Service Mesh

  • PKI

  • Connectivity

  • Admission Control

Compliance and Security Frameworks 10%

  • Compliance Frameworks

  • Threat Modelling Frameworks

  • Supply Chain Compliance

  • Automation and Tooling

To learn more about KCSA, visit: https://training.linuxfoundation.org/certification/kubernetes-and-cloud-native-security-associate-kcsa/

NextOverview of Cloud Native Security

Last updated