Security and Policy

Network Policy Studio

Progressive tightening of east-west traffic with staged namespaces, observability hooks, and rollback-friendly edits.

Duration: 2 weeks
Format: Intensive workshop
Tuition (informational): 840,000 KRW

Each cohort walks through default-deny adoption, DNS-aware policies, and troubleshooting mislabeled pods. Labs emphasize incremental commits and peer review of policy diffs rather than big-bang lockdowns.

What is included

Policy authoring with diff-friendly YAML layout
DNS capture exercises without external packet brokers
Egress allow-list patterns for SaaS dependencies
Label hygiene audits before enforcement
Simulated misconfiguration triage with instructor playbooks
Cross-namespace service exposure guardrails
Peer review checklist for policy pull requests

Outcomes

Ship a staged default-deny plan with rollback triggers
Trace a dropped connection to a specific rule line
Coordinate policy changes with application release trains

Lead instructor

Sora Kim

Security-focused platform engineer; publishes small tools for policy linting.

Participant notes

“DNS lab made the difference—finally stopped guessing which rule broke lookups.”

— Leo , Security engineer · Retail platform · Trustpilot
“Would have liked one more day on IPv6 dual-stack quirks, but the triage scripts compensated.”

— Dana · 4/5

Common questions

Which CNI assumptions?

Labs target mainstream CNIs that honor NetworkPolicy v1; exotic overlays may differ and are discussed as caveats only.

What is excluded?

Service mesh mTLS is referenced but not configured end-to-end.

Materials after class?

You keep lab manifests and the review checklist under the usage terms in General Terms.

Refund rules live under Returns & Refunds. No payments are processed on this marketing site.

Schedule a call