This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 5.3 of Cloud Monitoring, Compliance, and Risk Management
Container isolation, image scanning with Trivy, runtime security with Falco, 4Cs framework, and Kubernetes audit with kube-bench.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
NIST SP 800-190: Application Container Security Guide
Comprehensive NIST guide to container security covering image, registry, orchestrator, OS, and hardware.
NIST SP 800-190: Application Container Security Guide
Comprehensive NIST guide to container security covering image, registry, orchestrator, OS, and hardware.
CIS Kubernetes Benchmark
CIS consensus security configuration benchmark for Kubernetes with 200+ controls.
CIS Kubernetes Benchmark
CIS consensus security configuration benchmark for Kubernetes with 200+ controls.
kube-bench — Kubernetes CIS Benchmark Tool
Aqua Security open-source tool for automated CIS Kubernetes Benchmark assessment.
kube-bench — Kubernetes CIS Benchmark Tool
Aqua Security open-source tool for automated CIS Kubernetes Benchmark assessment.
Falco Rules Library
Community-maintained Falco rules library for detecting common container and Kubernetes threats.
Falco Rules Library
Community-maintained Falco rules library for detecting common container and Kubernetes threats.
Quadrant 4 · Self-Assessment
Monitoring, Auditing and Compliance
CloudTrail, VPC Flow Logs, AWS Config, GuardDuty, Security Hub, SCPs, and Indian compliance frameworks.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.