Become well-versed with widely used platforms like Kubernetes, cloud services, Istio, Calico, Kynervo, Snyk, Prometheus, Kibana, Grafana, Clair, Anchor, and many more within the cloud-native space to secure infrastructure and develop secure software
Key Features
Learn how to select cloud-native platforms and integrate security solutions into the overall system
Leverage cutting-edge tools and platforms and use them, securely, at a global scale in production
Discover the laws and regulations that you should be aware of to avoid federal prosecution
Book Description
For a Cloud security engineer, it is crucial to think beyond the few managed services provided by the cloud vendor and truly use the plethora of cloud-native tools available for developers and security professionals, which allow for providing security solutions at scale. In this book, we cover technologies for securing the infrastructure, containers, and runtime environments using vendor-agnostic cloud-native tools under the CNCF.
The book begins by introducing the what and whys of the cloud-native environment along with a primer about the platforms that we would be exploring ongoing in the book. We then progress in the book as one would in the development phase of an application. We continue by exploring the System design choices and security trade-offs and then secure application coding techniques that every developer should be mindful of. As we move into more advanced topics, we look into the security architecture of the system and threat modelling practices, and we conclude by explaining the laws and guidelines regulating security practices in the cloud native space while exploring some real-world repercussions that companies have faced in the past due to a company’s immature security practices.
By the end of the book, you'll find yourself better positioned in creating secure safe code and system designs.
What you will learn
Learn security concerns and challenges for cloud-based app development
Explore various tools for securing config, networks, and runtime
Implementing threat modeling for risk mitigation strategies
Implement various security solutions for the CI/CD pipeline
Discover best practices for logging, monitoring, and alerting
Understand regulatory compliance product impact on cloud security
Who This Book Is For
The target audience for the book would be developers, security professionals, and DevOps teams who are involved in designing, developing, and deploying cloud-native applications. It is intended for those with a technical background who want to gain a deeper understanding of cloud-native security and learn about the latest tools and technologies for securing cloud-native infrastructure and runtime environments. Having prior experience with cloud vendors and their managed services would be a plus to leveraging all the tools and platforms explained in this book.
Table of Contents
Understanding Cloud Native Architecture
Secure System Design using Cloud Native
Application Development practices in Cloud Native world
Developing a Secure Coding Culture
Threat Modeling for Cloud Native
Securing the Infrastructure
Cloud Security Operations
DevSecOps Practices for Cloud Native
Legal and Compliance Issues
Cloud Native Vendor Management and Security Certifications
Description:
Become well-versed with widely used platforms like Kubernetes, cloud services, Istio, Calico, Kynervo, Snyk, Prometheus, Kibana, Grafana, Clair, Anchor, and many more within the cloud-native space to secure infrastructure and develop secure software
Key Features
Book Description
For a Cloud security engineer, it is crucial to think beyond the few managed services provided by the cloud vendor and truly use the plethora of cloud-native tools available for developers and security professionals, which allow for providing security solutions at scale. In this book, we cover technologies for securing the infrastructure, containers, and runtime environments using vendor-agnostic cloud-native tools under the CNCF.
The book begins by introducing the what and whys of the cloud-native environment along with a primer about the platforms that we would be exploring ongoing in the book. We then progress in the book as one would in the development phase of an application. We continue by exploring the System design choices and security trade-offs and then secure application coding techniques that every developer should be mindful of. As we move into more advanced topics, we look into the security architecture of the system and threat modelling practices, and we conclude by explaining the laws and guidelines regulating security practices in the cloud native space while exploring some real-world repercussions that companies have faced in the past due to a company’s immature security practices.
By the end of the book, you'll find yourself better positioned in creating secure safe code and system designs.
What you will learn
Who This Book Is For
The target audience for the book would be developers, security professionals, and DevOps teams who are involved in designing, developing, and deploying cloud-native applications. It is intended for those with a technical background who want to gain a deeper understanding of cloud-native security and learn about the latest tools and technologies for securing cloud-native infrastructure and runtime environments. Having prior experience with cloud vendors and their managed services would be a plus to leveraging all the tools and platforms explained in this book.
Table of Contents