Cloud Native Software Security Handbook Unleash the Power of Cloud Native Tools for Robust Security in Modern Applications /

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Shah, Mihir (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt Publishing, Limited, 2023.
Temas:
Cloud computing > 21st century.
Computer software > 21st century.
Computer security > 21st century.
Computer storage device industry > 21st century.
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)

MARC

LEADER 00000cam a22000007a 4500
001 OR_on1392348020
003 OCoLC
005 20231017213018.0
006 m o d
007 cr cnu||||||||
008 230812s2023 enk o 000 0 eng d
040 |a EBLCP  |b eng  |c EBLCP  |d ORMDA 
020 |a 9781837636525 
020 |a 1837636524 
035 |a (OCoLC)1392348020 
037 |a 9781837636983  |b O'Reilly Media 
050 4 |a QA76.585 
082 0 4 |a 004.67/82  |2 23/eng/20230906 
049 |a UAMI 
100 1 |a Shah, Mihir,  |e author. 
245 1 0 |a Cloud Native Software Security Handbook  |h [electronic resource] :  |b Unleash the Power of Cloud Native Tools for Robust Security in Modern Applications /  |c Mihir Shah. 
260 |a Birmingham :  |b Packt Publishing, Limited,  |c 2023. 
300 |a 1 online resource (373 p.) 
500 |a Description based upon print version of record. 
505 0 |a Cover -- Title Page -- Copyright and Credits -- Contributors -- Table of Contents -- Preface -- Part 1: Understanding Cloud Native Technology and Security -- Chapter 1: Foundations of Cloud Native -- Understanding the cloud-native world -- Why consider using cloud-native architecture? -- Cloud models -- Approach to thinking cloud-native -- Components of a cloud-native system -- Orchestration -- Monitoring -- Logging and tracing -- Container registries -- Service meshes -- Security -- Summary -- Quiz -- Further readings -- Chapter 2: Cloud Native Systems Security Management 
505 8 |a Technical requirements -- Secure configuration management -- Using OPA for secure configuration management -- Requiring encryption for all confidential data -- Restricting access to sensitive resources -- Enforcing resource limits -- Secure image management -- Why care about image security? -- Best practices for secure image management -- Clair -- Harbor -- Creating an HTTPS connection for the repository -- Scanning for vulnerabilities in images -- Summary -- Quiz -- Further readings -- Chapter 3: Cloud Native Application Security -- Technical requirements 
505 8 |a Overview of cloud-native application development -- Differences between traditional and cloud-native app development -- The DevOps model -- Cloud-native architecture and DevOps -- Introduction to application security -- Overview of different security threats and attacks -- Integrating security into the development process -- OWASP Top 10 for cloud native -- Not shift-left -- Security and development trade-off -- Supplemental security components -- OWASP ASVS -- Secrets management -- How to create secrets in Vault -- Summary -- Quiz -- Further reading 
505 8 |a Part 2: Implementing Security in Cloud Native Environments -- Chapter 4: Building an AppSec Culture -- Technical requirements -- Overview of building an AppSec program -- Understanding your security needs -- Identifying threats and risks in cloud-native environments -- Bug bounty -- Evaluating compliance requirements and regulations -- Building an effective AppSec program for cloud-native -- Security tools for software in development -- Threat modeling -- Providing security training and awareness to all stakeholders -- Developing policies and procedures -- Incident response and disaster recovery 
505 8 |a Cloud security policy -- Identity and access management policies -- Continuous monitoring and improvement -- Summary -- Quiz -- Further readings -- Chapter 5: Threat Modeling for Cloud Native -- Technical requirements -- Developing an approach to threat modeling -- An overview of threat modeling for cloud native -- Integrating threat modeling into Agile and DevOps processes -- Developing a threat matrix -- Cultivating critical thinking and risk assessment -- Fostering a critical thinking mindset -- Developing risk assessment skills -- Threat modeling frameworks -- STRIDE -- PASTA -- LINDDUN 
500 |a Kubernetes threat matrix 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
650 0 |a Cloud computing  |y 21st century. 
650 0 |a Computer software  |y 21st century. 
650 0 |a Computer security  |y 21st century. 
650 0 |a Computer storage device industry  |y 21st century. 
776 0 8 |i Print version:  |a Shah, Mihir  |t Cloud Native Software Security Handbook  |d Birmingham : Packt Publishing, Limited,c2023 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781837636983/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL30670000 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL30670000 
994 |a 92  |b IZTAP 

Ejemplares similares