Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Security Handbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cloud Security Handbook

Cloud Security Handbook

By : Eyal Estrin
4 (4)
Buy this Book
close
close
Cloud Security Handbook

Cloud Security Handbook

4 (4)
By: Eyal Estrin
Buy this Book

Overview of this book

Securing resources in the cloud is challenging, given that each provider has different mechanisms and processes. Cloud Security Handbook helps you to understand how to embed security best practices in each of the infrastructure building blocks that exist in public clouds. This book will enable information security and cloud engineers to recognize the risks involved in public cloud and find out how to implement security controls as they design, build, and maintain environments in the cloud. You'll begin by learning about the shared responsibility model, cloud service models, and cloud deployment models, before getting to grips with the fundamentals of compute, storage, networking, identity management, encryption, and more. Next, you'll explore common threats and discover how to stay in compliance in cloud environments. As you make progress, you'll implement security in small-scale cloud environments through to production-ready large-scale environments, including hybrid clouds and multi-cloud environments. This book not only focuses on cloud services in general, but it also provides actual examples for using AWS, Azure, and GCP built-in services and capabilities. By the end of this cloud security book, you'll have gained a solid understanding of how to implement security in cloud environments effectively.
Table of Contents (19 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share your thoughts
1
Section 1: Securing Infrastructure Cloud Services
Icon
Section 1: Securing Infrastructure Cloud Services
Lock Free Chapter
2
Chapter 1: Introduction to Cloud Security
chevron up
Icon
Chapter 1: Introduction to Cloud Security
Icon
Technical requirements
Icon
What is a cloud service?
Icon
What are the cloud deployment models?
Icon
What are the cloud service models?
Icon
Why we need security
Icon
What is the shared responsibility model?
Icon
Command-line tools
Icon
Summary
3
Chapter 2: Securing Compute Services
Icon
Chapter 2: Securing Compute Services
Icon
Technical requirements
Icon
Securing VMs
Icon
Securing managed database services
Icon
Securing containers
Icon
Securing serverless/function as a service
Icon
Summary
4
Chapter 3: Securing Storage Services
Icon
Chapter 3: Securing Storage Services
Icon
Technical requirements
Icon
Securing object storage
Icon
Securing block storage
Icon
Securing file storage
Icon
Securing the CSI
Icon
Summary
5
Chapter 4: Securing Networking Services
Icon
Chapter 4: Securing Networking Services
Icon
Technical requirements
Icon
Securing virtual networking
Icon
Securing DNS services
Icon
Securing CDN services
Icon
Securing VPN services
Icon
Securing DDoS protection services
Icon
Securing WAF services
Icon
Summary
6
Section 2: Deep Dive into IAM, Auditing, and Encryption
Icon
Section 2: Deep Dive into IAM, Auditing, and Encryption
7
Chapter 5: Effective Strategies to Implement IAM Solutions
Icon
Chapter 5: Effective Strategies to Implement IAM Solutions
Icon
Technical requirements
Icon
Introduction to IAM
Icon
Failing to manage identities
Icon
Securing cloud-based IAM services
Icon
Securing directory services
Icon
Configuring MFA
Icon
Summary
8
Chapter 6: Monitoring and Auditing Your Cloud Environments
Icon
Chapter 6: Monitoring and Auditing Your Cloud Environments
Icon
Technical requirements
Icon
Conducting security monitoring and audit trails
Icon
Conducting threat detection and response
Icon
Conducting incident response and digital forensics
Icon
Summary
9
Chapter 7: Applying Encryption in Cloud Services
Icon
Chapter 7: Applying Encryption in Cloud Services
Icon
Technical requirements
Icon
Introduction to encryption
Icon
Best practices for deploying KMSes
Icon
Best practices for deploying secrets management services
Icon
Best practices for using encryption in transit
Icon
Best practices for using encryption at rest
Icon
Encryption in use
Icon
Summary
10
Section 3: Threats and Compliance Management
Icon
Section 3: Threats and Compliance Management
11
Chapter 8: Understanding Common Security Threats to Cloud Services
Icon
Chapter 8: Understanding Common Security Threats to Cloud Services
Icon
Technical requirements
Icon
The MITRE ATT&CK framework
Icon
Detecting and mitigating data breaches in cloud services
Icon
Detecting and mitigating misconfigurations in cloud services
Icon
Detecting and mitigating insufficient IAM and key management in cloud services
Icon
Detecting and mitigating account hijacking in cloud services
Icon
Detecting and mitigating insider threats in cloud services
Icon
Detecting and mitigating insecure APIs in cloud services
Icon
Detecting and mitigating the abuse of cloud services
Icon
Summary
12
Chapter 9: Handling Compliance and Regulation
Icon
Chapter 9: Handling Compliance and Regulation
Icon
Technical requirements
Icon
Compliance and the shared responsibility model
Icon
Introduction to compliance with regulatory requirements and industry best practices
Icon
What are the common ISO standards related to cloud computing?
Icon
What is a SOC report?
Icon
What is the CSA STAR program?
Icon
What is PCI DSS?
Icon
What is the GDPR?
Icon
What is HIPAA?
Icon
Summary
13
Chapter 10: Engaging with Cloud Providers
Icon
Chapter 10: Engaging with Cloud Providers
Icon
Technical requirements
Icon
Choosing a cloud provider
Icon
What is a cloud provider questionnaire?
Icon
Tips for contracts with cloud providers
Icon
Conducting penetration testing in cloud environments
Icon
Summary
14
Section 4: Advanced Use of Cloud Services
Icon
Section 4: Advanced Use of Cloud Services
15
Chapter 11: Managing Hybrid Clouds
Icon
Chapter 11: Managing Hybrid Clouds
Icon
Technical requirements
Icon
Hybrid cloud strategy
Icon
Identity management over hybrid cloud environments
Icon
Network architecture for hybrid cloud environments
Icon
Storage services for hybrid cloud environments
Icon
Compute services for hybrid cloud environments
Icon
Securing hybrid cloud environments
Icon
Summary
16
Chapter 12: Managing Multi-Cloud Environments
Icon
Chapter 12: Managing Multi-Cloud Environments
Icon
Technical requirements
Icon
Multi-cloud strategy
Icon
Identity management over multi-cloud environments
Icon
Network architecture for multi-cloud environments
Icon
Data security in multi-cloud environments
Icon
Cost management in multi-cloud environments
Icon
Cloud Security Posture Management (CSPM)
Icon
Cloud Infrastructure Entitlement Management (CIEM)
Icon
Patch and configuration management in multi-cloud environments
Icon
The monitoring and auditing of multi-cloud environments
Icon
Summary
17
Chapter 13:Security in Large-Scale Environments
Icon
Chapter 13:Security in Large-Scale Environments
Icon
Technical requirements
Icon
Managing governance and policies at a large scale
Icon
Automation using IaC
Icon
Security in large-scale cloud environments
Icon
Summary
Icon
What's next?
Icon
Why subscribe?
18
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share your thoughts

Chapter 1: Introduction to Cloud Security

This book, Cloud Security Techniques and Best Practices, is meant for various audiences. You could be taking your first steps working with cloud services, or you could be coming from an IT perspective and want to know about various compute and storage services and how to configure them securely. Or, you might be working in information security and want to know the various authentication, encryption, and audit services and how to configure them securely, or you might be working with architecture and want to know how to design large-scale environments in the cloud in a secure way.

Reading this book will allow you to make the most of cloud services while focusing on security aspects. Before discussing cloud services in more detail, let me share my opinion regarding cloud services.

The world of IT is changing. For decades, organizations used to purchase physical hardware, install operating systems, and deploy software. This routine required a lot of ongoing maintenance (for patch deployment, backup, monitoring, and so on).

The cloud introduced a new paradigm – that is, the ability to consume managed services to achieve the same goal of running software (from file servers to Enterprise Resource Planning (ERP) or Customer Relationship Management (CRM) products), while using the expertise of the hyper-scale cloud providers.

Some well-known use cases of cloud computing are as follows:

  • Netflix – one of the largest video streaming services world-wide. It uses AWS to run its media streaming services:

https://aws.amazon.com/solutions/case-studies/netflix-case-study

  • Mercedes-Benz – one of the most famous automotive brands. It uses Azure to run its research and development:

https://customers.microsoft.com/en-us/story/784791-mercedes-benz-r-and-d-creates-container-driven-cars-powered-by-microsoft-azure

  • Home Depot – the largest home improvement retailer in the United States. It uses Google Cloud to run its online stores:

https://cloud.google.com/customers/featured/the-home-depot

In this book, we will compare various aspects of cloud computing (from fundamental services such as compute, storage, and networking, to compliance management and best practices for building and maintaining large-scale environments in a secure way), while reviewing the different alternatives offered by Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

It does not matter which organization you are coming from – this book will allow you to have a better understanding of how to achieve security in any of the large hyper-scale cloud providers.

You do not have to read everything – simply find out which cloud provider is common at your workplace or which cloud provider you wish to focus on, and feel free to skip the rest.

In this chapter, we will cover the following topics:

  • Why we need security
  • Cloud service models
  • Cloud deployment models
  • The shared responsibility model
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Security Handbook
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon