Cargando…
DevSecOps for .NET core : securing modern software applications /
Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and t...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Berkeley, CA :
Apress L.P.,
2020.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 a 4500 | ||
|---|---|---|---|
| 001 | OR_on1157078096 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 200606s2020 cau o 001 0 eng d | ||
| 040 | |a EBLCP |b eng |e pn |c EBLCP |d YDX |d EBLCP |d GW5XE |d LQU |d OCLCF |d CQ$ |d N$T |d NLW |d UKAHL |d OCLCQ |d COM |d OCLCO |d OCLCQ |d UKMGB |d AUD |d OCLCQ |d OCLCO | ||
| 015 | |a GBC337547 |2 bnb | ||
| 016 | 7 | |a 019809061 |2 Uk | |
| 019 | |a 1156618486 |a 1162204384 |a 1163806245 |a 1164675728 |a 1175708009 |a 1182535947 |a 1183414810 | ||
| 020 | |a 9781484258507 |q (electronic bk.) | ||
| 020 | |a 1484258509 |q (electronic bk.) | ||
| 020 | |z 1484258495 | ||
| 020 | |z 9781484258491 | ||
| 029 | 1 | |a AU@ |b 000067295328 | |
| 029 | 1 | |a AU@ |b 000070460536 | |
| 029 | 1 | |a UKMGB |b 019809061 | |
| 035 | |a (OCoLC)1157078096 |z (OCoLC)1156618486 |z (OCoLC)1162204384 |z (OCoLC)1163806245 |z (OCoLC)1164675728 |z (OCoLC)1175708009 |z (OCoLC)1182535947 |z (OCoLC)1183414810 | ||
| 037 | |a com.springer.onix.9781484258507 |b Springer Nature | ||
| 050 | 4 | |a QA76.9.A25 | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Zeeshan, Afzaal Ahmad, |e author. | |
| 245 | 1 | 0 | |a DevSecOps for .NET core : |b securing modern software applications / |c Afzaal Ahmad Zeeshan. |
| 260 | |a Berkeley, CA : |b Apress L.P., |c 2020. | ||
| 300 | |a 1 online resource (297 pages) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | 0 | |a Print version record. | |
| 505 | 0 | |a Intro -- Table of Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Modern Software Engineering -- Software Design -- Solutions on the Internet -- Multicultural Customers -- The Ever-Changing Market -- Security and Compliance Requirements -- Prerequisites -- What to Expect in This Book -- What Not to Expect in This Book -- Chapter 2: DevOps with Security -- The DevOps Cycle -- Adding Security -- Sec: Security, Performance, and Productivity -- Simple .NET Core App -- Manual Builds -- Basic Testing and QA -- Code-Analysis Services | |
| 505 | 8 | |a StyleCops. Analyzers -- Codacy Overview -- ASP.NET Core Sample -- HTTPS vs. SSH -- GitHub -- GitLab -- Azure DevOps -- Summary -- Chapter 3: Writing Secure Apps -- Write Less, Write Secure -- SAST, DAST, IAST, and RASP -- Developer Training -- Analyzers for Secure Code -- Runtime Selection and Configuration -- Code Smells, Bugs, Performance Issues and Naive Errors -- Vulnerabilities in Web Apps -- Fixing Injection and Scripting Attacks -- Scripting Problems: XSS, Token Forgery, and Session Hijacks -- Automated Tests -- Microservices: Separation of Concerns -- N-Tier Products with Hidden Databases | |
| 505 | 8 | |a Corporate Applications -- Increasing Scalability -- Communication in Services -- TCP -- HTTP/2, gRPC, and Beyond -- gRPC Sample -- Using Secure Cryptographic Methods -- MD5 and SHA1 for File Hashes -- Apply SSL Across Domain -- Summary -- Chapter 4: Automating Everything as Code -- Version Control and Audit -- Centralized Version Control Systems -- Distributed Version Control Systems -- GitOps -- Hosted Code Storage -- Infrastructure as Code (IaC) -- Azure Resource Manager as an IaC Toolkit -- Ansible, Terraform, and More -- Automating Code Building and Deployment -- Creating Build Pipelines | |
| 505 | 8 | |a Utilizing a Bug Database -- Compliance and Policies -- Risk and Bugs Analysis -- Feature Flags -- Summary -- Chapter 5: Securing Build Systems for DevOps -- On-Premises vs. Hosted CI/CD -- Jenkins Overview -- Azure VSTS (Azure DevOps Server) -- GitLab Auto DevOps and GitHub Actions -- Securing Logs -- Artifact Publishing, Caching, and Hashing -- Docker Containers for Build Environments -- Automated Deployments -- Summary -- Chapter 6: Automating Production Environments for Quality -- Host Platforms -- Docker and Containers -- Network Security -- Web Firewalls -- DDoS -- SSL and Encryption | |
| 505 | 8 | |a API Management -- Configuration and Credentials -- Mobile Applications -- Secure Vaults -- System Failure and Post-Mortems -- Infrastructure Rollbacks -- Summary -- Chapter 7: Compliance and Security -- Auditing -- Data Privacy and Control -- DevOps Audit Defense Toolkit -- Automated Issue Tracking -- Summary -- Index | |
| 500 | |a Includes index. | ||
| 520 | |a Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and toolkits that will help you to incorporate automation, security, and compliance. The book starts with an outline of modern software engineering principles and gives you an overview of DevOps in .NET Core. It further explains automation in DevOps for product development along with security principles to improve product quality. Next, you will learn how to improve your product quality and avoid code issues such as SQL injection prevention, cross-site scripting, and many more. Moving forward, you will go through the steps necessary to make security, compliance, audit, and UX automated to increase the efficiency of your organization. Youll see demonstrations of the CI phase of DevOps, on-premise and hosted, along with code analysis methods to verify product quality. Finally, you will learn network security in Docker and containers followed by compliance and security standards. After reading DevSecOps for .NET Core, you will be able to understand how automation, security, and compliance works in all the stages of the DevOps pipeline while showcasing real-world examples of solutions developed and deployed using .NET Core 3. You will: Implement security for the .NET Core runtime for cross-functional workloads Work with code style and review guidelines to improve the security, performance, and maintenance of components Add to DevOps pipelines to scan code for security vulnerabilities Deploy software on a secure infrastructure, on Docker, Kubernetes, and cloud environments. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer security. | |
| 650 | 2 | |a Computer Security | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 7 | |a Computer security. |2 bicssc | |
| 650 | 7 | |a Microsoft programming. |2 bicssc | |
| 650 | 7 | |a Computers |x Security |x General. |2 bisacsh | |
| 650 | 7 | |a Computers |x Programming |x Microsoft Programming. |2 bisacsh | |
| 650 | 7 | |a Computer security |2 fast | |
| 776 | 0 | 8 | |i Print version: |a Zeeshan, Afzaal Ahmad. |t DevSecOps for .NET core. |d Berkeley, CA : Apress L.P., 2020 |z 9781484258507 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781484258507/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH37842943 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6214882 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6214848 | ||
| 938 | |a EBSCOhost |b EBSC |n 2489806 | ||
| 938 | |a YBP Library Services |b YANK |n 16789984 | ||
| 994 | |a 92 |b IZTAP | ||