With the rise of the cloud, every aspect of IT has been shaken to its core. The fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems.

Based on his hard-earned experience working with some of the world's biggest enterprises and rapidly iterating startups, consultant Josh Armitage covers the trade-offs that security professionals, developers, and infrastructure gurus need to make when working with different cloud providers. Each recipe discusses the inherent trade-offs, as well as where clouds have similarities and where they're fundamentally different.

  • Learn how the cloud provides superior security to what was achievable in an on-premises world
  • Understand the principles and mental models that enable you to make optimal trade-offs as part of your solution
  • Learn how to implement existing solutions that are robust and secure, and devise design solutions to new and interesting problems
  • Deal with security challenges and solutions both horizontally and vertically within your business

Table of Contents

  1. Security in the Modern Organization
    1.1. Why Security is Critical
    1.2. What is Meant by Cloud Native Security?
    1.3. Where Security Fits in the Modern Company
    1.4. The Purpose of Modern Security
    1.5. DevSecOps
    1.6. How to Measure the Impact of Security
    1.7. The Principles of Security
    1.8. Security Glossary
  2. Setting Up Accounts and Users
    2.1. Scalable Project Structures on GCP
    2.2. Scalable Account Structures on AWS
    2.3. Scalable Subscription Structures on Azure
    2.4. Region Locking On GCP
    2.5. Region Locking On AWS
    2.6. Region Locking On Azure
    2.7. Centralizing Users On GCP
    2.8. Centralizing Users On AWS
    2.9. Centralizing Users On Azure
  3. Getting Security Visibility At Scale
    3.1. Building a Cloud Native Security Operations Center on GCP
    3.2. Building a Cloud Native Security Operations Center on AWS
    3.3. Building a Cloud Native Security Operations Center on Azure
    3.4. Centralizing Logs on GCP
    3.5. Centralizing Logs on AWS
    3.6. Centralizing Logs on Azure
    3.7. Log Anomaly Alerting on GCP
    3.8. Log Anomaly Alerting on AWS
    3.9. Log Anomaly Alerting on Azure
    3.10. Building an Asset Registry on GCP
    3.11. Building an Asset Registry on AWS
    3.12. Building an Asset Registry on Azure
  4. Protecting Your Data
    4.1. Encrypting Data at Rest on GCP
    4.2. Encrypting Data at Rest on AWS
    4.3. Encrypting Data at Rest on Azure
    4.4. Encrypting Data from GCP
    4.5. Encrypting Data from AWS
    4.6. Encrypting Data from Azure
    4.7. Enforcing Data Encryption in Transit on GCP
    4.8. Enforcing Data Encryption in Transit on AWS
    4.9. Enforcing Data Encryption in Transit on Azure
    4.10. Preventing Data Loss on GCP
    4.11. Preventing Data Loss on AWS
    4.12. Preventing Data Loss on Azure
  5. Secure Networking
    5.1. Networking Foundations on GCP
    5.2. Networking Foundations on AWS
    5.3. Networking Foundations on Azure
    5.4. Enabling External Access on GCP
    5.5. Enabling External Access on AWS
    5.6. Enabling External Access on Azure
    5.7. Allowing Access to Internal Resources on GCP
    5.8. Allowing Access to Internal Resources on AWS
    5.9. Allowing Access to Internal Resources on Azure
    5.10. Controlling External Network Connectivity on GCP
    5.11. Controlling External Network Connectivity on AWS
    5.12. Controlling External Network Connectivity on Azure
    5.13. Keeping Data off Public Networking on GCP
    5.14. Keeping Data off Public Networking on AWS
    5.15. Keeping Data off Public Networking on Azure