Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20

Security as Code

DevSecOps Patterns with AWS

Paperback Engels 2023 9781098127466
Verkooppositie 5563Hoogste positie: 5563
Verwachte levertijd ongeveer 8 werkdagen


DevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. In order to build secure and resilient applications, you have to be equipped with security knowledge. Enter security as code.

In this book, authors BK Sarthak Das and Virginia Chu demonstrate how to use this methodology to secure any application and infrastructure you want to deploy. With Security as Code, you'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.

This practical book also provides common patterns and methods to securely develop infrastructure for resilient and highly available backups that you can restore with just minimal manual intervention.

- Learn the tools of the trade, using Kubernetes and the AWS Code Suite
- Set up infrastructure as code and run scans to detect misconfigured resources in your code
- Create secure logging patterns with CloudWatch and other tools
- Restrict system access to authorized users with role-based access control (RBAC)
- Inject faults to test the resiliency of your application with AWS Fault Injector or open source tooling
- Learn how to pull everything together into one deployment


Aantal pagina's:200
Hoofdrubriek:IT-management / ICT


Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht


Who Is This Book For?
What Do You Need To Get Started?
What's in This Book?
Conventions Used in This Book
Using Code Examples
O'Reilly Online Learning
How to Contact Us

1. Introduction to DevSecOps
Before DevOps: The Software Development Life Cycle
What Is DevSecOps?
Introducing Automatoonz
Cloud Infrastructure: Secure by Default
Move Fast, Secure Fast: The Importance of Automation
DevSecOps Culture

2. Setting Up Your Environment
What You'll Need
Installing and Verifying Your Setup
Installing the AWS CLI
Installing the Docker Engine
Checking Your Python Version
Installing Git
Installing Kubernetes
Creating Your First Bare-Bones Pipeline

3. Securing Your Infrastructure
What Makes Infrastructure Secure?
Hands Off! Preventing Unwanted Access with IAM Permissions
Detecting Misconfigurations
Identifying a Standard
Threat Modeling
Security Controls
Better Than a Cure: Implementing Preventive Controls

4. Logging and Monitoring
What Are Logging and Monitoring—and Why Do They Matter?
Attack Styles
Advanced Persistent Threat Attacks
Ransomware Strains
Passive and Active Attacks
Log Types
Log Storage
Detecting Anomalies
Remediation with AWS Config
Correlating User Activity with CloudTrail
Network Monitoring with an Amazon VPC

5. Controlling Access Through Automation
The Principle of Least Privilege
Fine-Tuning Access Controls
Use a Tagging System
Clarify Team Responsibilities
Prevent and Detect
The IAM Pipeline

6. Fault Injection Test
Distributed Systems
Adaptive Security Controls
The True Cost of Downtime
Methods for Minimizing Downtime
Chaos Engineering
Basic Principles
Advanced Principles
Chaos Engineering in AWS Environments
Chaos Engineering at Automatoonz
AWS Fault Injection Simulator Experiment Examples
Kubernetes Pod Stress Testing
Throttling EC2 API Calls
Stress Testing the CPU on an EC2 Instance
Terminating an EC2 Instance
Removing Ingress and Egress Rules from a Security Group
Detaching an EBS Volume from an EC2 Instance

7. People and Processes
People: Team Structures and Roles
Security Engineers
Compliance Team
Product Manager
Team Structure
Processes: Practices and Communication
Communicate to the Right People, Consistently
Make Product Owners Accountable for Their Security Findings
Build Threat Modeling into Your Processes
Build Roadmaps to Reach Your DevSecOps Goals
What Next?

About the Authors

Managementboek Top 100


Populaire producten



        Security as Code