دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید
در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید
برای کاربرانی که ثبت نام کرده اند
درصورت عدم همخوانی توضیحات با کتاب
از ساعت 7 صبح تا 10 شب
ویرایش:
نویسندگان: Josh Armitage
سری:
ISBN (شابک) : 9781098106300
ناشر: O'Reilly Media
سال نشر: 2022
تعداد صفحات:
زبان: English
فرمت فایل : EPUB (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 4 Mb
در صورت ایرانی بودن نویسنده امکان دانلود وجود ندارد و مبلغ عودت داده خواهد شد
در صورت تبدیل فایل کتاب Cloud Native Security Cookbook به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب کتاب آشپزی امنیت بومی ابری نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
با ظهور ابر، هر جنبه ای از فناوری اطلاعات به هسته خود متزلزل شده است. اصول اساسی برای ساختن سیستم ها در حال تغییر است، و اگرچه بسیاری از اصولی که امنیت را پشتوانه می کنند هنوز درست هستند، پیاده سازی آنها غیرقابل تشخیص شده است. این کتاب کاربردی دستور العمل هایی برای AWS، Azure و GCP ارائه می دهد تا به شما کمک کند امنیت سیستم های بومی ابری خود را افزایش دهید. مشاور جاش آرمیتاژ بر اساس تجربه سخت به دست آمده از کار با برخی از بزرگترین شرکتهای جهان و استارتآپهایی که به سرعت در حال تکرار هستند، مبادلاتی را که متخصصان امنیتی، توسعهدهندگان و متخصصان زیرساخت باید هنگام کار با ارائهدهندگان مختلف ابری انجام دهند، پوشش میدهد. هر دستور غذا درباره این مصالحههای ذاتی، و همچنین اینکه ابرها شباهتهایی دارند و کجاها اساساً متفاوت هستند، بحث میکند.
With the rise of the cloud, every aspect of IT has been shaken to its core. The fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems. Based on his hard-earned experience working with some of the world's biggest enterprises and rapidly iterating startups, consultant Josh Armitage covers the trade-offs that security professionals, developers, and infrastructure gurus need to make when working with different cloud providers. Each recipe discusses these inherent compromises, as well as where clouds have similarities and where they're fundamentally different.
Copyright Table of Contents Preface Conventions Used in This Book Using Code Examples O’Reilly Online Learning How to Contact Us Acknowledgments Chapter 1. Security in the Modern Organization 1.1 Why Security Is Critical 1.2 What Is Meant by Cloud Native Security? The Beginnings of the Cloud Old Practices in the New Reality 1.3 Where Security Fits in the Modern Organization 1.4 The Purpose of Modern Security 1.5 DevSecOps What Is DevOps? What Is DevSecOps? Version Control 1.6 How to Measure the Impact of Security Time to Notify for Known Vulnerabilities Time to Fix a Known Vulnerability Service Impacts Incurred Through Security Vulnerabilities Attempted Breaches Prevented Compliance Statistics Percentage of Changes Rejected 1.7 The Principles of Security Least Privilege Only as Strong as Your Weakest Link Defense in Depth Security Is Job Zero Quality Is Built In Chapter Summary Chapter 2. Setting Up Accounts and Users 2.1 Scalable Project Structures on GCP Problem Solution Discussion Summarizing the Recipe 2.2 Scalable Account Structures on AWS Problem Solution Discussion Summarizing the Recipe 2.3 Scalable Subscription Structures on Azure Problem Solution Discussion Summarizing the Recipe 2.4 Region Locking on GCP Problem Solution Discussion 2.5 Region Locking on AWS Problem Solution Discussion 2.6 Region Locking on Azure Problem Solution Discussion 2.7 Centralizing Users on GCP Problem Solution Discussion 2.8 Centralizing Users on AWS Problem Solution Discussion 2.9 Centralizing Users on Azure Problem Solution Discussion Chapter 3. Getting Security Visibility at Scale 3.1 Building a Cloud Native Security Operations Center on GCP Problem Solution Discussion Summarizing the Recipe 3.2 Building a Cloud Native Security Operations Center on AWS Problem Solution Discussion Summarizing the Recipe 3.3 Building a Cloud Native Security Operations Center on Azure Problem Solution Discussion Summarizing the Recipe 3.4 Centralizing Logs on GCP Problem Solution Discussion Summarizing the Recipe 3.5 Centralizing Logs on AWS Problem Solution Discussion Summarizing the Recipe 3.6 Centralizing Logs on Azure Problem Solution Discussion Summarizing the Recipe 3.7 Log Anomaly Alerting on GCP Problem Solution Discussion Summarizing the Recipe 3.8 Log Anomaly Alerting on AWS Problem Solution Discussion Summarizing the Recipe 3.9 Log Anomaly Alerting on Azure Problem Solution Discussion Summarizing the Recipe 3.10 Building an Infrastructure Registry on GCP Problem Solution Discussion Summarizing the Recipe 3.11 Building an Infrastructure Registry on AWS Problem Solution Discussion Summarizing the Recipe 3.12 Building an Infrastructure Registry on Azure Problem Solution Discussion Summarizing the Recipe Chapter 4. Protecting Your Data 4.1 Encrypting Data at Rest on GCP Problem Solution Discussion Summary 4.2 Encrypting Data at Rest on AWS Problem Solution Discussion Summary 4.3 Encrypting Data at Rest on Azure Problem Solution Discussion Summary 4.4 Encrypting Data on GCP with Your Own Keys Problem Solution Discussion Summary 4.5 Encrypting Data on AWS with Your Own Keys Problem Solution Discussion Summary 4.6 Encrypting Data on Azure with Your Own Keys Problem Solution Discussion Summary 4.7 Enforcing In-Transit Data Encryption on GCP Problem Solution Discussion Summary 4.8 Enforcing In-Transit Data Encryption on AWS Problem Solution Discussion Summary 4.9 Enforcing In-Transit Data Encryption on Azure Problem Solution Discussion Summary 4.10 Preventing Data Loss on GCP Problem Solution Discussion Summary 4.11 Preventing Data Loss on AWS Problem Solution Discussion Summary 4.12 Preventing Data Loss on Azure Problem Solution Discussion Summary Chapter 5. Secure Networking 5.1 Networking Foundations on GCP Problem Solution Discussion Summary 5.2 Networking Foundations on AWS Problem Solution Discussion Summary 5.3 Networking Foundations on Azure Problem Solution Discussion Summary 5.4 Enabling External Access on GCP Problem Solution Discussion Summary 5.5 Enabling External Access on AWS Problem Solution Discussion Summary 5.6 Enabling External Access on Azure Problem Solution Discussion Summary 5.7 Allowing Access to Internal Resources on GCP Problem Solution Discussion Summary 5.8 Allowing Access to Internal Resources on AWS Problem Solution Discussion Summary 5.9 Allowing Access to Internal Resources on Azure Problem Solution Discussion Summary 5.10 Controlling External Network Connectivity on GCP Problem Solution Discussion Summary 5.11 Controlling External Network Connectivity on AWS Problem Solution Discussion Summary 5.12 Controlling External Network Connectivity on Azure Problem Solution Discussion Summary 5.13 Private Application Access on GCP Problem Solution Discussion Summary 5.14 Private Application Access on AWS Problem Solution Discussion Summary 5.15 Private Application Access on Azure Problem Solution Discussion Summary Chapter 6. Infrastructure as Code 6.1 Building Secure Infrastructure Defaults on GCP Problem Solution Discussion Summary 6.2 Building Secure Infrastructure Defaults on AWS Problem Solution Discussion Summary 6.3 Building Secure Infrastructure Defaults on Azure Problem Solution Discussion Summary 6.4 Functions as a Service on GCP Problem Solution Discussion Summary 6.5 Functions as a Service on AWS Problem Solution Discussion Summary 6.6 Functions as a Service on Azure Problem Solution Discussion Summary 6.7 Robust Deployment on GCP Problem Solution Discussion Summary 6.8 Robust Deployment on AWS Problem Solution Discussion Summary 6.9 Robust Deployment on Azure Problem Solution Discussion Summary 6.10 Deployment at Scale on GCP Problem Solution Discussion Summary 6.11 Deployment at Scale on AWS Problem Solution Discussion Summary 6.12 Deployment at Scale on Azure Problem Solution Discussion Summary Chapter 7. Compliance as Code 7.1 Labeling Resources on GCP Problem Solution Discussion Summary 7.2 Tagging Resources on AWS Problem Solution Discussion Summary 7.3 Tagging Resources on Azure Problem Solution Discussion Summary 7.4 Detecting Noncompliant Infrastructure on GCP Problem Solution Discussion Summary 7.5 Detecting Noncompliant Infrastructure on AWS Problem Solution Discussion Summary 7.6 Detecting Noncompliant Infrastructure on Azure Problem Solution Discussion Summary 7.7 Preventing Noncompliant Infrastructure on GCP Problem Solution Discussion Summary 7.8 Preventing Noncompliant Infrastructure on AWS Problem Solution Discussion Summary 7.9 Preventing Noncompliant Infrastructure on Azure Problem Solution Discussion Summary 7.10 Remediating Noncompliant Infrastructure on GCP Problem Solution Discussion Summary 7.11 Remediating Noncompliant Infrastructure on AWS Problem Solution Discussion Summary 7.12 Remediating Noncompliant Infrastructure on Azure Solution Discussion Summary Chapter 8. Providing Internal Security Services 8.1 Protecting Security Assets and Controls on GCP Problem Solution Discussion Summary 8.2 Protecting Security Assets and Controls on AWS Problem Solution Discussion Summary 8.3 Protecting Security Assets and Controls on Azure Problem Solution Discussion Summary 8.4 Understanding Machine Status at Scale on GCP Problem Solution Discussion Summary 8.5 Understanding Machine Status at Scale on AWS Problem Solution Discussion Summary 8.6 Understanding Machine Status at Scale on Azure Problem Solution Discussion Summary 8.7 Patching at Scale on GCP Problem Solution Discussion Summary 8.8 Patching at Scale on AWS Problem Solution Discussion Summary 8.9 Patching at Scale on Azure Problem Solution Discussion Summary 8.10 Data Backup on GCP Problem Solution Discussion Summary 8.11 Data Backup on AWS Problem Solution Discussion Summary 8.12 Data Backup on Azure Problem Solution Discussion Summary Chapter 9. Enabling Teams 9.1 Enabling Project Sharing on GCP Problem Solution Discussion Summary 9.2 Enabling Account Sharing on AWS Problem Solution Discussion Summary 9.3 Enabling Resource Group Sharing on Azure Problem Solution Discussion Summary 9.4 Application Security Scanning on GCP Problem Solution Discussion Summary 9.5 Application Security Scanning on AWS Problem Solution Discussion Summary 9.6 Application Security Scanning on Azure Problem Solution Discussion Summary Chapter 10. Security in the Future 10.1 The Infinite Game Zero Trust Supply Chain Security 10.2 Building Capability 10.3 Building Situational Awareness 10.4 Conclusion Chapter 11. Terraform Primer 11.1 Authenticating with GCP 11.2 Authenticating with AWS 11.3 Authenticating with Azure Index About the Author