An educational project that guides users through building, hardening, and monitoring a secure microservices environment with incident response simulation.
Udacity Cloud Native Architect Nanodegree project 4
This tool is designed for learners and practitioners aiming to understand microservices security by threat modeling, hardening container images, and implementing runtime monitoring. It is ideal for students or engineers who want hands-on experience securing microservices and responding to security incidents using open-source tools like sysdig Falco and Grafana.
This project is primarily educational and designed for learning purposes; it does not cover full CI/CD integration or enterprise-grade automation but provides foundational knowledge applicable to real-world microservices security. Users should ensure familiarity with containerization, Kubernetes, and security monitoring tools to maximize learning outcomes.
Clone the repository to your local environment
Build the microservices environment using the provided instructions
Use the secure base OpenSUSE image as the foundation for containers
Harden the container images and runtime environment as guided
Deploy and configure sysdig Falco for runtime monitoring
Set up Grafana to visualize Falco logs and alerts
Run the provided script to simulate a security incident for response practiceRun the script to introduce an unknown binary
Simulates a security incident to test detection and response capabilities
Configure sysdig Falco on the node
Sets up runtime security monitoring for the microservices environment
Use Grafana to review Falco-generated logs and alerts
Visualizes security events for incident analysis and response