Edition:
Authors: David Okeyode and Joylynn Kirui
Series:
ISBN: 9781837631117
Publisher: Packt Publishing Pvt. Ltd.
Year of publication: 2024
Number of pages: 443
Language: English
File format: EPUB (converted to PDF, EPUB, or AZW3 on user request)
File size: 28 Mb
If you would like the file of the book DevSecOps for Azure: End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud converted to PDF, EPUB, AZW3, MOBI, or DJVU, you can notify support and they will convert the file for you.
Note that DevSecOps for Azure: End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud is the original-language edition and is not a Persian translation. The International Library website provides original-language books and does not offer any books translated into or written in Persian.
From secure development environments to continuous security and compliance integration, this comprehensive guide equips you with the skills to implement a robust code-to-cloud process tailored for Azure environments.
DevSecOps for Azure
Foreword
Contributors
About the authors
About the reviewers
Preface
  Who this book is for
  What this book covers
  To get the most out of this book
  Download the example code files
  Conventions used
  Get in touch
  Share Your Thoughts
  Download a free PDF copy of this book

Part 1: Understanding DevOps and DevSecOps

1 Agile, DevOps, and Azure Overview
  Technical requirements
  Defining DevOps – Understanding its concepts and practices
  The why of DevOps – Innovation, velocity, and speed
  Understanding the process aspect of DevOps
  Understanding the five core practices of DevOps
  Understanding the stages in a DevOps workflow
  Understanding the people aspect of DevOps
  The importance of a collaborative culture
  Staying clear of DevOps anti-types
  Understanding the product aspect of DevOps – The toolchain
  The platform approach to DevOps tooling
  An overview of the Azure DevOps platform
  An overview of the GitHub platform
  An overview of the GitLab platform
  Azure services for the DevOps workflow
  Agile, DevOps, and the Cloud – A perfect trio
  Hands-on Exercise 1 – Creating an Azure subscription
  Hands-On Exercise 2 – Creating an Azure DevOps organization (linked to your Azure AD tenant)
  Hands-On Exercise 3 – Creating a GitHub Enterprise Cloud trial account
  Summary
  Further reading

2 Security Challenges of the DevOps Workflow
  Technical requirements
  Security challenges of DevOps
  Understanding the limitations of traditional security in a fast-paced DevOps world
  Understanding how DevOps increases the attack surface
  The case for DevSecOps
  Understanding the cultural aspect of DevSecOps
  Understanding the process aspect of DevSecOps
  Considerations for selecting your DevSecOps toolchain
  DevSecOps and supply chain security
  Summary
  Further reading

Part 2: Securing the Plan and Code Phases of DevOps

3 Implementing Security in the Plan Phase of DevOps
  Technical requirements
  Understanding DevSecOps in the planning phase
  Understanding threat modeling and its benefits
  Traditional threat modeling frameworks
  Threat modeling in DevSecOps
  Understanding the Mozilla RRA process
  Hands-on exercise 1 – Provisioning the lab VM
  Task 1 – Initializing the template deployment to Azure
  Task 2 – Connecting to the lab VM using Azure Bastion
  Hands-on exercise 2 – Performing threat modeling of an e-commerce application
  Task 1 – Downloading and installing the Microsoft Threat Modeling Tool
  Task 2 – Creating a threat model diagram for the eShop application
  Task 3 – Running a threat analysis on the model
  Implementing continuous code-to-cloud security training
  Summary
  Further reading

4 Implementing Pre-commit Security Controls
  Technical requirements
  Overview of the pre-commit coding phase of DevOps
  Understanding the developer environment options
  Understanding the security categories in the pre-commit phase
  Securing the development environment
  Risk 1 – IDE vulnerability risks
  Risk 2 – Malicious and vulnerable IDE extensions
  Risk 3 – Working with untrusted code
  Risk 4 – Compromised IDE source code
  Additional thoughts on hardening of the development environment
  Addressing common development security mistakes
  Risk 1 – Addressing in-house code vulnerability risk
  Risk 2 – Open source component risk
  Risk 3 – Exposed secret risk
  Choosing the right developer-first security tooling
  Hands-on exercise 1 – Performing code review, dependency checks, and secret scanning on the IDE
  Task 1 – Connecting to the lab VM using Azure Bastion
  Task 2 – Configuring Snyk on Visual Studio Code
  Task 3 – Importing eShopOnWeb to your Visual Studio Code workspace
  Hands-on exercise 2 – Installing and configuring Git pre-commit hooks on the IDE
  Task 1 – Installing pre-commit framework on Visual Studio Code
  Task 2 – Configuring detect-private key and detect-secrets pre-commit hooks on Visual Studio Code
  Summary

5 Implementing Source Control Security
  Technical requirements
  Understanding the post-commit phase of DevOps
  Understanding the security measures in the source control management phase
  Securing the source code management environment
  Managing code repositories securely
  Recommendation 1 – Ensuring repository creation is limited to specific members
  Recommendation 2 – Ensuring sensitive repository operations are limited to specific members
  Recommendation 3 – Ensuring inactive repositories are reviewed and archived periodically
  Recommendation 4 – Repositories should be created with auditing enabled
  Addressing common coding security issues in source control
  Understanding GitHub code security
  Recommendation 1 – Implementing dependency tracking in source control
  Recommendation 2 – Implementing dependency vulnerability assessment and management in source control
  Recommendation 3 – Implementing an open source license compliance scan
  Recommendation 4 – Implementing secret protection in source control
  Hands-on exercise – Performing pre-receive checks and dependency reviews
  Task 1 – Enabling push protection on Azure DevOps
  Task 2 – Enabling push protection on GitHub
  Task 3 – Reviewing dependencies on GitHub
  Summary

Part 3: Securing the Build, Test, Release, and Operate Phases of DevOps

6 Implementing Security in the Build Phase of DevOps
  Technical requirements
  Understanding the continuous build and test phases of DevOps
  Understanding build system options
  Understanding the security measures in the build phase
  Securing CI environments and processes
  Securing the build services and workers
  Securing the build workers
  Implementing secure access to build environments and workers
  Protecting the build environment from malicious code executions
  Addressing common coding security issues
  Implementing the Microsoft Security DevOps extension
  Integrating GitHub Advanced Security code-scanning capabilities into pipelines
  Integrating GHAS dependency-scanning capabilities into pipelines
  Hands-on exercises – Integrating security within the build phase
  Prerequisites
  Exercise 1 – Integrating SAST, SCA, and secret scanning into the build process
  Exercise 2 – Onboarding your DevOps platforms to DevOps Security in Microsoft Defender for Cloud
  Summary

7 Implementing Security in the Test and Release Phases of DevOps
  Technical requirements
  Understanding the continuous deployment phase of DevOps
  Protecting release artifacts in the release phase
  Ensuring that release artifacts are built from protected branches
  Implementing a code review process
  Selecting secure artifact sources
  Implementing artifact signing for integrity checks
  Managing secrets securely in the release phase
  Implementing auditing for the CI/CD environment
  Implementing security gates in release pipelines
  Implementing DAST as security gates
  Challenges of implementing DAST in a DevOps process
  Implementing security gates in Azure Pipelines and GitHub Actions
  Hands-on exercise – Integrating security within the build and test phases
  Prerequisites
  Task 1 – Implementing artifact signing for integrity checks
  Task 2 – Integrating DAST tools to find and fix security vulnerabilities in the test phase
  Summary

8 Continuous Security Monitoring on Azure
  Technical requirements
  Understanding continuous monitoring in DevOps
  Understanding the interconnected risks of Azure and cloud-native applications
  Securing an application runtime environment
  Implementing runtime security gates to stop critical risks
  Implementing runtime security gates using Azure Policy
  Implementing runtime security gates using the Kubernetes admission controller
  Implementing continuous security monitoring for runtime environments
  Protecting applications at runtime in Azure
  The challenges of runtime protection in modern cloud environments
  Protecting applications running in Azure App Service
  Protecting serverless workloads at runtime in Azure
  Protecting container workloads in Azure
  Hands-on exercise – Continuous security monitoring on Azure
  Task 1 – Implementing and operationalizing CSPM
  Task 2 – Implementing and operationalizing continuous container workload protection
  Summary
  Further reading

Index
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book