Module 13: Observability & Security Monitoring Slides

Slide walkthrough for Module 13 of Cloud Native Security Engineering: Securing Kubernetes, Workloads, APIs & Zero Trust Systems: OpenTelemetry, audit...

This slide page is the visual review companion for the full course module. Use it to recap the architecture, examples, exercises, production warnings, and takeaways after reading the lesson.

Slide Outline

  1. Observability & Security Monitoring - OpenTelemetry, audit logging, distributed tracing, and security telemetry
  2. Learning Objectives - 4 outcomes for this module
  3. Why This Module Matters - You have deployed identity, encryption, policy, and runtime security. But are they working? Observability tells you. Wit
  4. Kubernetes Audit Logging - Lesson section from the full module
  5. OpenTelemetry for Security - Lesson section from the full module
  6. Security Dashboards - Lesson section from the full module
  7. Real-World Use Cases - Security dashboards for SOC teams, Kubernetes audit log analysis for compliance
  8. Hands-On Labs - 2 hands-on labs
  9. Key Takeaways - 5 points to remember

Learning Objectives

  • Build security-focused observability with OpenTelemetry
  • Configure Kubernetes audit logging
  • Correlate security events across services
  • Design dashboards for security posture monitoring

Why This Module Matters

You have deployed identity, encryption, policy, and runtime security. But are they working? Observability tells you. Without it, you only discover problems after the breach.

Key Takeaways

  • Security observability connects all controls into unified monitoring
  • Kubernetes audit logs are essential for compliance and incident investigation
  • OpenTelemetry provides the collection layer for security telemetry
  • Dashboard the security posture: auth failures, SVID health, policy violations, runtime alerts
  • Alert on security metrics — do not wait for incidents to discover monitoring gaps

Hands-On Labs

  1. Build Security Dashboards

    Create Grafana dashboards for security posture monitoring.

    35 min - Intermediate

    • Deploy Prometheus, Loki, and Grafana
    • Configure security metric scraping (SPIRE, Falco, OPA)
    • Build dashboards for auth failures, SVID rotation, policy violations
    • Set up alerts for security-critical thresholds

    View lab files on GitHub

  2. Kubernetes Audit Log Analysis

    Enable and analyze audit logs for security investigation.

    25 min - Intermediate

    • Configure API server audit policy
    • Generate events (access secrets, create roles)
    • Search audit logs for suspicious patterns
    • Correlate audit events with application traces

    View lab files on GitHub
