Self-paced Workshops

Hands-on experience at your pace. Learn how to address common security and observability challenges in your Kubernetes environment.

Container Security

In this self-paced workshop, you will learn how to prevent, detect, and stop breaches in containers and Kubernetes. The 90-minute interactive lab comes with your own provisioned Calico Cloud environment and a sample application. You will leave this workshop with hands-on experience on how to:

  • Scan container images and block deployment based on your security criteria during build time
  • Preview and enforce security policies to protect vulnerable workloads
  • Implement runtime security with IDS/IPS, WAF, and deep packet inspection
  • Implement zero-trust access controls to prevent egress and lateral movement during runtime
  • Get alerts for suspicious process names and args by leveraging eBPF to monitor the syscalls

New Calico eBPF and XDP

XDP (eXpress Data Path) is an eBPF-based, high-performance datapath inside the Linux kernel that can be used to improve the performance of your host workloads by using familiar, Kubernetes-supported syntax used to manage your cluster resources every day. In this hands-on lab environment, you will learn how to:

  • Enable Calico’s eBPF dataplane
  • Implement eBPF security policies
  • Implement XDP to achieve better performance for high-connection host workloads


In this compliance workshop, you will work with Calico experts to learn how to design and deploy best practices to secure your Kubernetes environment and achieve compliance with regulatory frameworks, including, but not limited to, PCI, SOC 2, and GDPR. This 90-minute hands-on lab comes with your own provisioned Calico Cloud and Tigera lab environment and is designed to help implement:

  • Kubernetes Security Posture Management (KSPM)
  • Security policies for compliance
  • Compliance, evidence, and audit reporting (PCI, SOC 2, and CIS benchmarks)

You will learn how others in your industry are enabling compliance for the applications running on containers and Kubernetes.