Learning DevSecOps

(ebook) (audiobook) (audiobook)

Autor:: Steve Suehring

Learning DevSecOps Steve Suehring - okładka ebooka

Learning DevSecOps Steve Suehring - okładka audiobooka MP3

Learning DevSecOps Steve Suehring - okładka audiobooks CD

Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 194
Dostępne formaty:: ePub

Mobi

+177 pkt

Ebook (160,65 zł najniższa cena z 30 dni)

~~209,00 zł~~ (-15%)
177,65 zł

Dodaj do koszyka lub Kup na prezent
Kup 1-kliknięciem

( 160,65 zł najniższa cena z 30 dni)

Przenieś na półkę

Do przechowalni

How do some organizations maintain 24-7 internet-scale operations? How can organizations integrate security while continuously deploying new features? How do organizations increase security within their DevOps processes?

This practical guide helps you answer those questions and more. Author Steve Suehring provides unique content to help practitioners and leadership successfully implement DevOps and DevSecOps. Learning DevSecOps emphasizes prerequisites that lead to success through best practices and then takes you through some of the tools and software used by successful DevSecOps-enabled organizations.

You'll learn how DevOps and DevSecOps can eliminate the walls that stand between development, operations, and security so that you can tackle the needs of other teams early in the development lifecycle.

With this book, you will:

Learn why DevSecOps is about culture and processes, with tools to support the processes
Understand why DevSecOps practices are key elements to deploying software in a 24-7 environment
Deploy software using a DevSecOps toolchain and create scripts to assist
Integrate processes from other teams earlier in the software development lifecycle
Help team members learn the processes important for successful software development

Wybrane bestsellery

Ebooka "Learning DevSecOps" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Learning DevSecOps" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolnych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Learning DevSecOps" zobaczysz:

Oceny i opinie klientów: Learning DevSecOps Steve Suehring (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły ebooka

ISBN Ebooka:: 978-10-981-4482-1, 9781098144821
Data wydania ebooka:: 2024-05-17 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: angielski
Rozmiar pliku ePub:: 6.2MB
Rozmiar pliku Mobi:: 14.3MB

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Hacking » Bezpieczeństwo WWW

Spis treści ebooka

Preface
- What Is DevSecOps?
- Who Is This Book For?
- How This Book Is Organized
- Conventions Used in This Book
- OReilly Online Learning
- How to Contact Us
- Acknowledgments
1. The Need for DevSecOps
- Developing Software
  - Developing Agility
  - Developing Broken Software
  - Operating in a Darkroom
  - Security as an Afterthought
- Culture First
- Processes over Tools
  - Promoting the Right Skills
  - DevSecOps as Process
    - Hammers and screwdrivers
    - Repeatability
    - Visibility
    - Reliability, speed, and scale
    - Microservices and architectural features
- The DevSecOps SDLC
- Summary
2. Foundational Knowledge in 25 Pages or Less
- The Command-Line Interface
  - Command Line Versus Terminal Versus Shell
  - Why Do I Need the Command Line?
  - Getting Started with the Command Line
- Protocols: A High-Level Overview
  - Protocol Layers
  - Two Protocols Plus Another
  - Basic Internet Protocols
    - DNS
    - Hostname resolution
    - Start of Authority and time-to-live
    - HTTP
    - Other protocols
- Data Security: Confidentiality, Integrity, and Availability
- Development Overview for Scripting
  - Commands and Built-ins
  - Basic Programmatic Constructs: Variables, Data, and Data Types
  - Making Decisions with Conditionals
  - Looping
  - Lists and Arrays
- Summary
3. Integrating Security
- Integrating Security Practices
  - Implementing Least Privilege
    - Setting file and directory access in Linux
    - Role-based access control (RBAC)
  - Maintaining Confidentiality
  - Data in Flight
    - Eavesdropping on email
    - Wired versus WiFi versus offline
  - Data at Rest
- Verifying Integrity
  - Checksums
  - Verifying Email
- Providing Availability
  - Service-Level Agreements and Service-Level Objectives
  - Identifying Stakeholders
  - Identifying Availability Needs
  - Defining Availability and Estimating Costs
- What About Accountability?
  - Site Reliability Engineering
  - Code Traceability and Static Analysis
    - Static analysis and code review
    - Compliance and regulatory issues
- Becoming Security Aware
  - Finding Formal Training
  - Obtaining Free Knowledge
  - Enlightenment Through Log Analysis
- Practical Implementation: OWASP ZAP
  - Creating a Target
  - Installing ZAP
  - Getting Started with ZAP: Manual Scan
    - ZAP modes
    - Using an automated scan
- Summary
4. Managing Code and Testing
- Examining Development
  - Be Intentional and Deliberate
  - Dont Repeat Yourself
- Managing Source Code with Git
  - A Simple Setup for Git
  - Using Git (Briefly)
  - Branching and Merging
  - Examining the Gitflow Pattern
  - Examining the Trunk-Based Pattern
- Testing Code
  - Unit Testing
  - Integration Testing
  - System Testing
  - Automating Tests
    - Retrieving a page using Selenium and Firefox
    - Retrieving text with Selenium and Python
- Summary
5. Moving Toward Deployment
- Managing Configuration as Code and Software Bill of Materials (SBOM)
- Using Docker
  - Container and Image Concepts
  - Obtaining Images
    - Docker Hub
    - Using the Docker command
    - Using a local network registry
- Deploying Safely with Blue-Green Deployment
- Summary
6. Deploy, Operate, and Monitor
- Continuous Integration and Continuous Deployment
  - Building and Maintaining Environments with Ansible
  - Using Jenkins for Deployment
  - Creating a Pipeline
- Monitoring
- Summary
7. Plan and Expand
- Scaling Up with Kubernetes
  - Understanding Basic Kubernetes Terms
  - Installing Kubernetes
    - Adding networking
    - Re-creating the join command
- Deploying with Kubernetes
  - Defining a Deployment
    - Using a ConfigMap
    - Creating the Deployment file
    - Running the Deployment
    - Verifying the Deployment
  - Defining a Service
  - Moving Toward Microservices
  - Connecting the Resources
- Integrating Helm
- Summary
8. Beyond DevSecOps
- DevSecOps Patterns
  - Shifting Left and Adding CI/CD
  - Multicloud Integration
  - Integrated and Automatic Security
  - Linux Everywhere
  - Refactor and Redeploy
- Summary
A. Ports and Protocols
B. Command Reference
- Basic Command-Line Navigation
  - Directory Listing
  - Pager
  - Command Recall and Tab Completion
  - Creating Directories
  - Changing Permissions and Ownership
  - Screen Is Your Friend
  - Using grep
  - Using touch
- DNS with dig
  - Determine Address for a Host
  - Changing the Server to Be Queried
  - Finding the Authoritative Nameserver
  - Querying the Authoritative Nameserver
  - Finding Mail Servers
  - Finding SPF and TXT Records
  - Examining the Root
Index

pokaż cały spis treści

Learning DevSecOps

Ebook (160,65 zł najniższa cena z 30 dni)