Opis
With the rise of the cloud, every aspect of IT has been shaken to its core. The fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems.Based on his hard-earned experience working with some of the worlds biggest enterprises and rapidly iterating startups, consultant Josh Armitage covers the trade-offs that security professionals, developers, and infrastructure gurus need to make when working with different cloud providers. Each recipe discusses these inherent compromises, as well as where clouds have similarities and where theyre fundamentally different.Learn how the cloud provides security superior to what was achievable in an on-premises worldUnderstand the principles and mental models that enable you to make optimal trade-offs as part of your solutionLearn how to implement existing solutions that are robust and secure, and devise design solutions to new and interesting problemsDeal with security challenges and solutions both horizontally and vertically within your business Spis treści:PrefaceWho This Book Is ForHow This Book Is OrganizedWhat You Need to Use This BookConventions Used in This BookUsing Code ExamplesOReilly Online LearningHow to Contact UsAcknowledgments1. Security in the Modern Organization1.1. Why Security Is Critical1.2. What Is Meant by Cloud Native Security?1.3. Where Security Fits in the Modern Organization1.4. The Purpose of Modern Security1.5. DevSecOps1.6. How to Measure the Impact of Security1.7. The Principles of Security2. Setting Up Accounts and Users2.1. Scalable Project Structures on GCP2.2. Scalable Account Structures on AWS2.3. Scalable Subscription Structures on Azure2.4. Region Locking on GCP2.5. Region Locking on AWS2.6. Region Locking on Azure2.7. Centralizing Users on GCP2.8. Centralizing Users on AWS2.9. Centralizing Users on Azure3. Getting Security Visibility at Scale3.1. Building a Cloud Native Security Operations Centeron GCP3.2. Building a Cloud Native Security Operations Centeron AWS3.3. Building a Cloud Native Security Operations Center on Azure3.4. Centralizing Logs on GCP3.5. Centralizing Logs on AWS3.6. Centralizing Logs on Azure3.7. Log Anomaly Alerting on GCP3.8. Log Anomaly Alerting on AWS3.9. Log Anomaly Alerting on Azure3.10. Building an Infrastructure Registry on GCP3.11. Building an Infrastructure Registry on AWS3.12. Building an Infrastructure Registry on Azure4. Protecting Your Data4.1. Encrypting Data at Rest on GCP4.2. Encrypting Data at Rest on AWS4.3. Encrypting Data at Rest on Azure4.4. Encrypting Data on GCP with Your Own Keys4.5. Encrypting Data on AWS with Your Own Keys4.6. Encrypting Data on Azure with Your Own Keys4.7. Enforcing In-Transit Data Encryption on GCP4.8. Enforcing In-Transit Data Encryption on AWS4.9. Enforcing In-Transit Data Encryption on Azure4.10. Preventing Data Loss on GCP4.11. Preventing Data Loss on AWS4.12. Preventing Data Loss on Azure5. Secure Networking5.1. Networking Foundations on GCP5.2. Networking Foundations on AWS5.3. Networking Foundations on Azure5.4. Enabling External Access on GCP5.5. Enabling External Access on AWS5.6. Enabling External Access on Azure5.7. Allowing Access to Internal Resources on GCP5.8. Allowing Access to Internal Resources on AWS5.9. Allowing Access to Internal Resources on Azure5.10. Controlling External Network Connectivity on GCP5.11. Controlling External Network Connectivity on AWS5.12. Controlling External Network Connectivity on Azure5.13. Private Application Access on GCP5.14. Private Application Access on AWS5.15. Private Application Access on Azure6. Infrastructure as Code6.1. Building Secure Infrastructure Defaults on GCP6.2. Building Secure Infrastructure Defaults on AWS6.3. Building Secure Infrastructure Defaults on Azure6.4. Functions as a Service on GCP6.5. Functions as a Service on AWS6.6. Functions as a Service on Azure6.7. Robust Deployment on GCP6.8. Robust Deployment on AWS6.9. Robust Deployment on Azure6.10. Deployment at Scale on GCP6.11. Deployment at Scale on AWS6.12. Deployment at Scale on Azure7. Compliance as Code7.1. Labeling Resources on GCP7.2. Tagging Resources on AWS7.3. Tagging Resources on Azure7.4. Detecting Noncompliant Infrastructure on GCP7.5. Detecting Noncompliant Infrastructure on AWS7.6. Detecting Noncompliant Infrastructure on Azure7.7. Preventing Noncompliant Infrastructure on GCP7.8. Preventing Noncompliant Infrastructure on AWS7.9. Preventing Noncompliant Infrastructure on Azure7.10. Remediating Noncompliant Infrastructure on GCP7.11. Remediating Noncompliant Infrastructure on AWS7.12. Remediating Noncompliant Infrastructure on Azure8. Providing Internal Security Services8.1. Protecting Security Assets and Controls on GCP8.2. Protecting Security Assets and Controls on AWS8.3. Protecting Security Assets and Controls on Azure8.4. Understanding Machine Status at Scale on GCP8.5. Understanding Machine Status at Scale on AWS8.6. Understanding Machine Status at Scale on Azure8.7. Patching at Scale on GCP8.8. Patching at Scale on AWS8.9. Patching at Scale on Azure8.10. Data Backup on GCP8.11. Data Backup on AWS8.12. Data Backup on Azure9. Enabling Teams9.1. Enabling Project Sharing on GCP9.2. Enabling Account Sharing on AWS9.3. Enabling Resource Group Sharing on Azure9.4. Application Security Scanning on GCP9.5. Application Security Scanning on AWS9.6. Application Security Scanning on Azure10. Security in the Future10.1. The Infinite Game10.2. Building Capability10.3. Building Situational Awareness10.4. Conclusion11. Terraform Primer11.1. Authenticating with GCP11.2. Authenticating with AWS11.3. Authenticating with AzureIndex
Pozostałe E-booki
slowka po hiszpańsku
, dzien nauczyciela 2021 prezent
, natalia spychalska
, szkola w uk
, mistrzejowice kraków
, ich angielski
, powsińska 31 warszawa
, chemi czy chemii
, psm łomża
, joanna falkowska
, zielony język
, jak piszemy niema
, joanna s
, aleksandra jaworska
, tango łódź
, jak zmienić język w telefonie z chińskiego na polski
, jezyk polski rozszerzony matura
, chudy ang
, wykształcenie ang
, ichy
yyyyy
