Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Native Software Security Handbook
  • Table Of Contents Toc
Cloud Native Software Security Handbook

Cloud Native Software Security Handbook

By : Mihir Shah
5 (5)
Buy this Book
close
close
Cloud Native Software Security Handbook

Cloud Native Software Security Handbook

5 (5)
By: Mihir Shah
Buy this Book

Overview of this book

For cloud security engineers, it’s crucial to look beyond the limited managed services provided by cloud vendors and make use of the wide array of cloud native tools available to developers and security professionals, which enable the implementation of security solutions at scale. This book covers technologies that secure infrastructure, containers, and runtime environments using vendor-agnostic cloud native tools under the Cloud Native Computing Foundation (CNCF). The book begins with an introduction to the whats and whys of the cloud native environment, providing a primer on the platforms that you’ll explore throughout. You’ll then progress through the book, following the phases of application development. Starting with system design choices, security trade-offs, and secure application coding techniques that every developer should be mindful of, you’ll delve into more advanced topics such as system security architecture and threat modelling practices. The book concludes by explaining the legal and regulatory frameworks governing security practices in the cloud native space and highlights real-world repercussions that companies have faced as a result of immature security practices. By the end of this book, you'll be better equipped to create secure code and system designs.
Table of Contents (16 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the example code files
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
1
Part 1: Understanding Cloud Native Technology and Security
Icon
Part 1: Understanding Cloud Native Technology and Security
Lock Free Chapter
2
Chapter 1: Foundations of Cloud Native
Icon
Chapter 1: Foundations of Cloud Native
Icon
Understanding the cloud-native world
Icon
Approach to thinking cloud-native
Icon
Summary
Icon
Quiz
Icon
Further readings
3
Chapter 2: Cloud Native Systems Security Management
Icon
Chapter 2: Cloud Native Systems Security Management
Icon
Technical requirements
Icon
Secure configuration management
Icon
Secure image management
Icon
Summary
Icon
Quiz
Icon
Further readings
4
Chapter 3: Cloud Native Application Security
Icon
Chapter 3: Cloud Native Application Security
Icon
Technical requirements
Icon
Overview of cloud-native application development
Icon
Integrating security into the development process
Icon
Supplemental security components
Icon
Summary
Icon
Quiz
Icon
Further reading
5
Part 2: Implementing Security in Cloud Native Environments
Icon
Part 2: Implementing Security in Cloud Native Environments
6
Chapter 4: Building an AppSec Culture
Icon
Chapter 4: Building an AppSec Culture
Icon
Technical requirements
Icon
Overview of building an AppSec program
Icon
Building an effective AppSec program for cloud-native
Icon
Developing policies and procedures
Icon
Continuous monitoring and improvement
Icon
Summary
Icon
Quiz
Icon
Further readings
7
Chapter 5: Threat Modeling for Cloud Native
Icon
Chapter 5: Threat Modeling for Cloud Native
Icon
Technical requirements
Icon
Developing an approach to threat modeling
Icon
Developing a threat matrix
Icon
Threat modeling frameworks
Icon
Kubernetes threat matrix
Icon
Summary
Icon
Quiz
Icon
Further readings
8
Chapter 6: Securing the Infrastructure
Icon
Chapter 6: Securing the Infrastructure
Icon
Technical requirements
Icon
Approach to object access control
Icon
Principles for authentication and authorization
Icon
Defense in depth
Icon
Infrastructure components in cloud-native environments
Icon
Summary
Icon
Quiz
Icon
Further readings
9
Chapter 7: Cloud Security Operations
Icon
Chapter 7: Cloud Security Operations
Icon
Technical requirements
Icon
Novel techniques in sourcing data points
Icon
Creating alerting and webhooks within different platforms
Icon
Automating incident response with custom scripts and tools
Icon
Automated security lapse findings
Icon
Integrating security tools and automating workflows
Icon
Building and maintaining a security automation playbook
Icon
Summary
Icon
Quiz
Icon
Further readings
10
Chapter 8: DevSecOps Practices for Cloud Native
Icon
Chapter 8: DevSecOps Practices for Cloud Native
Icon
Technical requirements
Icon
Infrastructure as Code
Icon
Policy as Code
Icon
Summary
Icon
Quiz
Icon
Further readings
11
Part 3: Legal, Compliance, and Vendor Management
Icon
Part 3: Legal, Compliance, and Vendor Management
12
Chapter 9: Legal and Compliance
Icon
Chapter 9: Legal and Compliance
Icon
Overview
Icon
Comprehending privacy in the cloud
Icon
Audit processes, methodologies, and cloud-native adoption
Icon
Laws, regulations, and standards
Icon
Summary
Icon
Quiz
Icon
Further readings
13
Chapter 10: Cloud Native Vendor Management and Security Certifications
Icon
Chapter 10: Cloud Native Vendor Management and Security Certifications
Icon
Security policy framework
Icon
Government cloud standards and vendor certifications
Icon
Enterprise risk management
Icon
Risk analysis
Icon
Case study
Icon
Summary
Icon
Quiz
Icon
Further readings
14
Index
Icon
Index
Icon
Why subscribe?
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Preface

Writing the Cloud Native Software Security Handbook has been an exciting and fulfilling journey for me. As an author, I am passionate about helping you navigate the complex world of cloud-native security, equipping you with the knowledge and skills necessary to secure infrastructure and develop secure software in this rapidly evolving landscape.

Throughout my experience in the field, I have witnessed the transformative power of cloud-native technologies and their potential to revolutionize the way we build and deploy software. However, I have also come to realize the critical importance of robust security practices in this domain. It is this realization that motivated me to write this book – to bridge the gap between the power of cloud-native platforms and the need for comprehensive security measures.

As I delved into the creation of this handbook, I considered the needs of those among you who are eager to explore the cloud-native space and embrace its potential, while ensuring the utmost security. I embarked on a deep dive into widely used platforms such as Kubernetes, Calico, Prometheus, Kibana, Grafana, Clair, and Anchor, and many others – equipping you with the tools and knowledge necessary to navigate these technologies with confidence.

Beyond the technical aspects, I wanted this book to be a guide that goes beyond the surface and addresses the broader organizational and cultural aspects of cloud-native security. In the latter part of this book, we will explore the concept of Application Security (AppSec) programs and discuss how to foster a secure coding culture within your organization. We will also dive into threat modeling for cloud-native environments, empowering you to proactively identify and mitigate potential security risks.

Throughout this journey, I have strived to present practical insights and real-world examples that will resonate with those of you from diverse backgrounds. I believe that by sharing both my own experiences and those of others in the field, we can cultivate a sense of camaraderie and mutual growth as we navigate the intricacies of cloud-native security together.

My hope is that by the end of this book, you will not only possess a comprehensive understanding of cloud-native security but also feel confident in your ability to create secure code and design resilient systems. I invite you to immerse yourself in this exploration, embrace the challenges, and seize the opportunities that await you in the realm of cloud-native software security.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Native Software Security Handbook
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon