Admiral: Kubernetes Defensive and Offensive Security Training

How Admiral empowered their security teams through in-person threat modelling and penetration testing training
Admiral: Kubernetes Defensive and Offensive Security Training

About Admiral

Admiral Group plc is a British financial services company headquartered in Cardiff, Wales. Listed on the London Stock Exchange, it is a constituent of the FTSE 100 Index, and markets the Admiral, Bell, Elephant, Diamond and Veygo insurance brands, as well as launching the price comparison services Confused.com and Compare.com. The group employs more than 10,000 people across its brands.

Nurturing Expertise with Kubernetes Threat Modelling and Penetration Testing Training

Admiral sought to empower their cloud security teams in Cardiff and Halifax with specialist, in-depth container and Kubernetes security knowledge to enhance their threat modelling processes. In parallel, they wished to provide their Cardiff-based internal penetration testing team with hands-on training in offensive security techniques specific to containerised workloads.

Challenges

Admiral recognised the need to deliver comprehensive training on both defensive and offensive techniques in the realm of container and Kubernetes security. Whilst there are many online courses and resources available in these areas, Admiral wanted in-person training with a high level of interaction, informed by real-world experience attacking and defending cloud native systems.

Solutions

ControlPlane leveraged their existing training materials to deliver a one-day course on threat modelling Kubernetes systems, and a three-day hands-on course showcasing offensive techniques and how to practically defend against them. The training was delivered on site at the client’s offices which enabled a flexible approach to be taken, where attendees could raise issues they had experienced during their own work, and brainstorm solutions in collaborative breakout sessions. The Credly platform was used for issuing badges to attendees to recognise successful completion of the course.

Business Outcomes

ControlPlane’s approach to training was well received by the client, with initial sessions in Cardiff being followed by subsequent in-person training in Halifax, Canada. In each case, the tailored training enabled attendees to gain practical skills through hands-on exercises, which enhanced their ability to threat model and secure containerised deployments effectively.

Similar case studies