Master widely used cloud native platforms like Kubernetes, Calico, Kibana, Grafana, Anchor, and more to ensure secure infrastructure and software development
Purchase of the print or Kindle book includes a free PDF eBook
Key Features
- Learn how to select cloud-native platforms and integrate security solutions into the system
- Leverage cutting-edge tools and platforms securely on a global scale in production environments
- Understand the laws and regulations necessary to prevent federal prosecution
Book Description
For cloud security engineers, it’s crucial to look beyond the limited managed services provided by cloud vendors and make use of the wide array of cloud native tools available to developers and security professionals, which enable the implementation of security solutions at scale. This book covers technologies that secure infrastructure, containers, and runtime environments using vendor-agnostic cloud native tools under the Cloud Native Computing Foundation (CNCF).
The book begins with an introduction to the whats and whys of the cloud native environment, providing a primer on the platforms that you’ll explore throughout. You’ll then progress through the book, following the phases of application development. Starting with system design choices, security trade-offs, and secure application coding techniques that every developer should be mindful of, you’ll delve into more advanced topics such as system security architecture and threat modelling practices. The book concludes by explaining the legal and regulatory frameworks governing security practices in the cloud native space and highlights real-world repercussions that companies have faced as a result of immature security practices.
By the end of this book, you'll be better equipped to create secure code and system designs.
What you will learn
- Understand security concerns and challenges related to cloud-based app development
- Explore the different tools for securing configurations, networks, and runtime
- Implement threat modeling for risk mitigation strategies
- Deploy various security solutions for the CI/CD pipeline
- Discover best practices for logging, monitoring, and alerting
- Understand regulatory compliance product impact on cloud security
Who this book is for
This book is for developers, security professionals, and DevOps teams involved in designing, developing, and deploying cloud native applications. It benefits those with a technical background seeking a deeper understanding of cloud-native security and the latest tools and technologies for securing cloud native infrastructure and runtime environments. Prior experience with cloud vendors and their managed services is advantageous for leveraging the tools and platforms covered in this book.
Table of Contents
- Foundations of Cloud Native
- Cloud Native Systems Security Management
- Cloud Native Application Security
- Building an AppSec Culture
- Threat Modeling for Cloud Native
- Securing the Infrastructure
- Cloud Security Operations
- DevSecOps Practices for Cloud Native
- Legal and Compliance
- Cloud Native Vendor Management and Security Certifications
Mihir Shah is a security expert and industry leader with extensive experience in cloud-native security. He has been invited as an Industry Mentor at Stanford University and has delivered talks on various security topics such as web exploitation, Kubernetes exploitation, cryptography, and cloud security. He is a frequent speaker and trainer at industry conferences such as OWASP, DefCon, Bsides Paris, GitHub Satellite, null Bangalore, and All Day DevOps. He has published several papers on security topics. He is an invited judge for the prestigious Stevie, Globee, and Codie awards for 2023 in New York. He also has studied Law under one of the most renounced professors at Harvard Law and upholds the regulations in his cybersecurity career.
