Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Security Handbook
  • Table Of Contents Toc
Cloud Security Handbook

Cloud Security Handbook

By : Eyal Estrin
4 (4)
Buy this Book
close
close
Cloud Security Handbook

Cloud Security Handbook

4 (4)
By: Eyal Estrin
Buy this Book

Overview of this book

Securing resources in the cloud is challenging, given that each provider has different mechanisms and processes. Cloud Security Handbook helps you to understand how to embed security best practices in each of the infrastructure building blocks that exist in public clouds. This book will enable information security and cloud engineers to recognize the risks involved in public cloud and find out how to implement security controls as they design, build, and maintain environments in the cloud. You'll begin by learning about the shared responsibility model, cloud service models, and cloud deployment models, before getting to grips with the fundamentals of compute, storage, networking, identity management, encryption, and more. Next, you'll explore common threats and discover how to stay in compliance in cloud environments. As you make progress, you'll implement security in small-scale cloud environments through to production-ready large-scale environments, including hybrid clouds and multi-cloud environments. This book not only focuses on cloud services in general, but it also provides actual examples for using AWS, Azure, and GCP built-in services and capabilities. By the end of this cloud security book, you'll have gained a solid understanding of how to implement security in cloud environments effectively.
Table of Contents (19 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share your thoughts
1
Section 1: Securing Infrastructure Cloud Services
Icon
Section 1: Securing Infrastructure Cloud Services
Lock Free Chapter
2
Chapter 1: Introduction to Cloud Security
chevron up
Icon
Chapter 1: Introduction to Cloud Security
Icon
Technical requirements
Icon
What is a cloud service?
Icon
What are the cloud deployment models?
Icon
What are the cloud service models?
Icon
Why we need security
Icon
What is the shared responsibility model?
Icon
Command-line tools
Icon
Summary
3
Chapter 2: Securing Compute Services
Icon
Chapter 2: Securing Compute Services
Icon
Technical requirements
Icon
Securing VMs
Icon
Securing managed database services
Icon
Securing containers
Icon
Securing serverless/function as a service
Icon
Summary
4
Chapter 3: Securing Storage Services
Icon
Chapter 3: Securing Storage Services
Icon
Technical requirements
Icon
Securing object storage
Icon
Securing block storage
Icon
Securing file storage
Icon
Securing the CSI
Icon
Summary
5
Chapter 4: Securing Networking Services
Icon
Chapter 4: Securing Networking Services
Icon
Technical requirements
Icon
Securing virtual networking
Icon
Securing DNS services
Icon
Securing CDN services
Icon
Securing VPN services
Icon
Securing DDoS protection services
Icon
Securing WAF services
Icon
Summary
6
Section 2: Deep Dive into IAM, Auditing, and Encryption
Icon
Section 2: Deep Dive into IAM, Auditing, and Encryption
7
Chapter 5: Effective Strategies to Implement IAM Solutions
Icon
Chapter 5: Effective Strategies to Implement IAM Solutions
Icon
Technical requirements
Icon
Introduction to IAM
Icon
Failing to manage identities
Icon
Securing cloud-based IAM services
Icon
Securing directory services
Icon
Configuring MFA
Icon
Summary
8
Chapter 6: Monitoring and Auditing Your Cloud Environments
Icon
Chapter 6: Monitoring and Auditing Your Cloud Environments
Icon
Technical requirements
Icon
Conducting security monitoring and audit trails
Icon
Conducting threat detection and response
Icon
Conducting incident response and digital forensics
Icon
Summary
9
Chapter 7: Applying Encryption in Cloud Services
Icon
Chapter 7: Applying Encryption in Cloud Services
Icon
Technical requirements
Icon
Introduction to encryption
Icon
Best practices for deploying KMSes
Icon
Best practices for deploying secrets management services
Icon
Best practices for using encryption in transit
Icon
Best practices for using encryption at rest
Icon
Encryption in use
Icon
Summary
10
Section 3: Threats and Compliance Management
Icon
Section 3: Threats and Compliance Management
11
Chapter 8: Understanding Common Security Threats to Cloud Services
Icon
Chapter 8: Understanding Common Security Threats to Cloud Services
Icon
Technical requirements
Icon
The MITRE ATT&CK framework
Icon
Detecting and mitigating data breaches in cloud services
Icon
Detecting and mitigating misconfigurations in cloud services
Icon
Detecting and mitigating insufficient IAM and key management in cloud services
Icon
Detecting and mitigating account hijacking in cloud services
Icon
Detecting and mitigating insider threats in cloud services
Icon
Detecting and mitigating insecure APIs in cloud services
Icon
Detecting and mitigating the abuse of cloud services
Icon
Summary
12
Chapter 9: Handling Compliance and Regulation
Icon
Chapter 9: Handling Compliance and Regulation
Icon
Technical requirements
Icon
Compliance and the shared responsibility model
Icon
Introduction to compliance with regulatory requirements and industry best practices
Icon
What are the common ISO standards related to cloud computing?
Icon
What is a SOC report?
Icon
What is the CSA STAR program?
Icon
What is PCI DSS?
Icon
What is the GDPR?
Icon
What is HIPAA?
Icon
Summary
13
Chapter 10: Engaging with Cloud Providers
Icon
Chapter 10: Engaging with Cloud Providers
Icon
Technical requirements
Icon
Choosing a cloud provider
Icon
What is a cloud provider questionnaire?
Icon
Tips for contracts with cloud providers
Icon
Conducting penetration testing in cloud environments
Icon
Summary
14
Section 4: Advanced Use of Cloud Services
Icon
Section 4: Advanced Use of Cloud Services
15
Chapter 11: Managing Hybrid Clouds
Icon
Chapter 11: Managing Hybrid Clouds
Icon
Technical requirements
Icon
Hybrid cloud strategy
Icon
Identity management over hybrid cloud environments
Icon
Network architecture for hybrid cloud environments
Icon
Storage services for hybrid cloud environments
Icon
Compute services for hybrid cloud environments
Icon
Securing hybrid cloud environments
Icon
Summary
16
Chapter 12: Managing Multi-Cloud Environments
Icon
Chapter 12: Managing Multi-Cloud Environments
Icon
Technical requirements
Icon
Multi-cloud strategy
Icon
Identity management over multi-cloud environments
Icon
Network architecture for multi-cloud environments
Icon
Data security in multi-cloud environments
Icon
Cost management in multi-cloud environments
Icon
Cloud Security Posture Management (CSPM)
Icon
Cloud Infrastructure Entitlement Management (CIEM)
Icon
Patch and configuration management in multi-cloud environments
Icon
The monitoring and auditing of multi-cloud environments
Icon
Summary
17
Chapter 13:Security in Large-Scale Environments
Icon
Chapter 13:Security in Large-Scale Environments
Icon
Technical requirements
Icon
Managing governance and policies at a large scale
Icon
Automation using IaC
Icon
Security in large-scale cloud environments
Icon
Summary
Icon
What's next?
Icon
Why subscribe?
18
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share your thoughts

What are the cloud deployment models?

Now that we understand what the cloud characteristics are, let's talk about cloud deployment models:

  • Private cloud: An infrastructure deployed and maintained by a single organization. Let's say we are a large financial organization (such as a bank or insurance organization), we would like to serve various departments in our organization (from HR, IT, sales, and so on), and we might have regulatory requirements to keep customers' data on-premises – a private cloud can be a suitable solution.
  • Public cloud: An infrastructure deployed and maintained by a service provider for serving multiple customers and organizations, mostly accessible over the internet. Naturally, this book will focus on the public cloud model, with reference to various services offered by AWS, Azure, and GCP.
  • Hybrid cloud: A combination of a private cloud (or on-premises cloud) and at least one public cloud infrastructure. I like to consider the hybrid cloud as an extension of the local data center. We should not consider this extension as something separate, and we should protect it the same way we protect our local data center.
  • Multi-cloud: A scenario where our organization is either using multiple managed services (see the definition of SaaS in the next section) or using multiple public cloud infrastructure (see the definitions of IaaS and PaaS in the next section).
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Security Handbook
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon