Overview
You will interrogate SBOM fragments, simulate tampered images, and wire policy decisions that remain legible to application teams. The emphasis is on clarity: policies people can read and reason about, rather than opaque deny-all rules.
What you work through
- SBOM diff exercises with realistic semver jumps
- ImagePullSecret rotation without downtime windows
- Runtime monitoring baselines with tuned noise floors
- Falco rule tuning with annotated false positives
- ServiceAccount least privilege templates
- Evidence packs for change advisory boards
- Scenario cards for tabletop facilitation
Outcomes
- Author a policy change with linked SBOM evidence
- Tune a runtime rule with documented false positive handling
- Facilitate a 20-minute tabletop using provided scenario cards
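As an illustration of the SBOM diff exercise and the "policy change with linked SBOM evidence" outcome, here is an added example that is not course material or code from the facilitator. It takes two constructed CycloneDX-style fragments (the component names and versions are invented for the example), reports added, removed and version-changed components, classifies each version change by semver jump, and lists the entries a reviewer would have to cite as evidence. The review policy encoded in REVIEW_JUMPS is an assumption chosen for the example, not a rule the course prescribes.

```python
import json
import re

# Constructed CycloneDX-style fragments for the example (not real build output).
# Only the fields the diff needs are present.
OLD_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "golang.org/x/net", "version": "0.17.0"},
        {"name": "github.com/gorilla/mux", "version": "1.8.0"},
        {"name": "gopkg.in/yaml.v2", "version": "2.4.0"},
        {"name": "github.com/sirupsen/logrus", "version": "1.9.3"},
    ],
})
NEW_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "golang.org/x/net", "version": "0.23.0"},
        {"name": "github.com/gorilla/mux", "version": "2.0.0-rc.1"},
        {"name": "gopkg.in/yaml.v3", "version": "3.0.1"},   # module path changed with the major bump
        {"name": "github.com/sirupsen/logrus", "version": "1.9.3"},
    ],
})

# major.minor.patch with optional pre-release and build metadata; a leading "v" is tolerated.
SEMVER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$")

# Assumed review policy for this example: these jump classes need linked evidence.
REVIEW_JUMPS = {"major", "downgrade", "unparsed"}


def parse_semver(version):
    """Return (major, minor, patch, prerelease) or None when the string is not semver."""
    m = SEMVER_RE.match(version)
    if not m:
        return None
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch), pre)


def classify_jump(old, new):
    """Classify a version change as major/minor/patch/prerelease/downgrade/same/unparsed."""
    a, b = parse_semver(old), parse_semver(new)
    if a is None or b is None:
        return "unparsed"          # tags like "latest" cannot be reasoned about; flag them
    if b[:3] < a[:3]:
        return "downgrade"
    if b[:3] == a[:3]:
        return "same" if a[3] == b[3] else "prerelease"
    if b[0] != a[0]:
        return "major"
    if b[1] != a[1]:
        return "minor"
    return "patch"


def load_components(sbom_json):
    """Map component name -> version from a CycloneDX-style JSON document."""
    doc = json.loads(sbom_json)
    return {c["name"]: c["version"] for c in doc.get("components", [])}


def diff_sboms(old_json, new_json):
    """Report added, removed and changed components between two SBOMs."""
    old, new = load_components(old_json), load_components(new_json)
    added = sorted(n for n in new if n not in old)
    removed = sorted(n for n in old if n not in new)
    changed = []
    for name in sorted(set(old) & set(new)):
        if old[name] != new[name]:
            changed.append({"name": name, "old": old[name], "new": new[name],
                            "jump": classify_jump(old[name], new[name])})
    return {"added": added, "removed": removed, "changed": changed}


def review_items(diff):
    """Lines a policy change must cite as evidence: new or dropped components,
    plus version changes whose jump class is in REVIEW_JUMPS."""
    items = [f"added {n}" for n in diff["added"]]
    items += [f"removed {n}" for n in diff["removed"]]
    items += [f"{c['jump']} {c['name']} {c['old']} -> {c['new']}"
              for c in diff["changed"] if c["jump"] in REVIEW_JUMPS]
    return items


if __name__ == "__main__":
    result = diff_sboms(OLD_SBOM, NEW_SBOM)
    print(json.dumps(result, indent=2))
    for line in review_items(result):
        print("EVIDENCE NEEDED:", line)
```

Note that a Go major-version bump shows up as one component removed and another added (gopkg.in/yaml.v2 to gopkg.in/yaml.v3) rather than as a version change, because the module path carries the major version; a diff keyed only on name would otherwise report it as an unrelated new dependency, which is exactly the kind of case the semver-jump exercises are meant to surface.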
Facilitator
Ren Ishikawa
Certification Coach bridging platform defaults and security review culture.
Participant notes
SBOM diff homework felt niche until our release manager asked the same question the next week.
Course questions
We use open-source oriented stacks. Commercial integrations are discussed conceptually only.
Labs target a supported minor within the CNCF skew policy window; release notes are provided each cohort.
Vendor licenses, CKS vouchers, and bespoke compliance mapping workshops.