INSTRUCTOR-LED COURSE

Zero Trust Security with SPIFFE and SPIRE (LFS482)

Become an expert in Zero Trust security with SPIFFE and SPIRE and unlock career growth in the rapidly evolving cybersecurity field. Learn the skills you need to design and implement secure infrastructures, identify vulnerabilities, and safeguard application platforms with confidence.

Who Is It For

This course is designed for developers, system administrators, security professionals, and architects involved in designing, deploying, and operating medium to large microservice-based systems.
What You’ll Learn

This course discusses the patterns and practices necessary for the adoption of Zero Trust Networking, as well as Zero Trust networking implementation models, use cases, scenarios, and outcomes enabled by open source software. You will install, make changes to, and operate SPIFFE and SPIRE deployments and harden your organization’s security postures by operationalizing a “least privilege” authorization model.
What It Prepares You For

Upon completion, you’ll be able to plan and implement a Zero Trust security roadmap tailored to your organization, identify security gaps and configure features and functions in an existing infrastructure and application platform environment, and much more.
Course Outline
Introduction
- The Linux Foundation
- The Linux Foundation Training
- The Linux Foundation Certifications
- The Linux Foundation Digital Badges
- Laboratory Exercises, Solutions and Resources
- Things Change in Linux and Open Source Projects
- Distribution Details
- Labs
Module 1 - Course Introduction
- Introduction and Course Flow
- Acknowledgements
- Lab 00: Setup
Module 2 - Foundations of Zero Trust
- Objectives
- Introduction to Zero Trust
- Cryptography Fundamentals
- Lab 1: Getting Hands on with PKI
- Authentication, Identity Documents and Authorization
- Module Summary
Module 3 - SPIFFE and SPIRE Concepts
- Objectives
- Introduction to SPIFFE/SPIRE
- SPIFFE Concepts
- SPIRE Components
- Lab 2: Installing and Configuring SPIRE from Binaries
- Module Summary
Module 4 - Using SPIRE
- Objectives
- Configuring SPIRE
- Managing Registration Entries
- Deploying SPIRE
- Lab 3: Setup SPIRE on Kubernetes with Kind
- Module Summary
Module 5 - Workload Identities
- Objectives
- Managing SVIDS
- Lab 4: Getting SVIDS with SPIFFE-Helper
- SVID Operations with Client Libraries
- Lab 5: Using the Workload API with go-spiffe
- Module Summary
Module 6 - AuthZ and Policy Engines
- Objectives
- Introduction to Authorization
- Policy Languages and Tools
- Policy Engines
- Open Policy Agent (OPA)
- Lab 6: Navigating Basic Authorization with Open Policy Agent
- Additional Policy Engines & DSLs
- Module Summary
Module 7 - SPIRE and AuthZ
- Objectives
- AuthZ for the SPIRE Server
- Network AuthZ
- Building an AuthZ Architecture
- Service Mesh
- Zero Trust in Service Mesh
- Lab 7: Integrating SPIRE with OPA and Envoy
- Designing the SPIFFE ID Schema
- SPIRE and OIDC
- Lab 08: OpenID Connect Discovery
- Module Summary
Module 8 - SPIRE Architecture Considerations
- SPIRE Architecture Considerations
- Scaling and Growing SPIRE
- Lab 9: Deploying SPIRE in High Availability Mode
- SPIRE Architectures Continued
- Lab 10: Advanced Configuration 1 - Nested SPIRE
- Federated SPIRE
- Lab 11: Advanced Configuration 2 - Federated SPIRE
- Deployment Sizing Considerations
- Module Summary
Module 9 - SPIRE Day Two Ops
- SPIRE Day Two Operations
- Day Two Operations
- Disaster Recovery
- Resources
- Module Summary
Module 10 - The SPIFFE Ecosystem
- The SPIFFE Ecosystem
- Open Source Integrations
- Vendor integrations
- Summary of SPIRE Integrations
- Lab 12: Cilium with SPIRE
- Module Summary
Closing and Evaluation Survey
- Evaluation Survey

Prerequisites
Students should have practical experience with cloud computing platforms, deploying and managing Kubernetes clusters, and be familiar with Linux systems and command-line operations.