Practical Cloud Security. A Guide for Secure Design and Deployment
![Język publikacji: angielski Język publikacji: angielski](https://static01.helion.com.pl/global/flagi/1.png)
- Autor:
- Chris Dotson
- +179 pkt
![Practical Cloud Security. A Guide for Secure Design and Deployment Chris Dotson - okładka ebooka](https://static01.helion.com.pl/global/okladki/326x466/e_11q9.png)
![Practical Cloud Security. A Guide for Secure Design and Deployment Chris Dotson - tył okładki ebooka](https://static01.helion.com.pl/global/okladki-tyl/326x466/e_11q9.png)
- Ocena:
- Bądź pierwszym, który oceni tę książkę
- Stron:
- 196
- Dostępne formaty:
-
ePubMobi
Opis ebooka: Practical Cloud Security. A Guide for Secure Design and Deployment
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
Developers, IT architects, and security professionals will learn cloud-specific techniques for securing popular cloud platforms such as Amazon Web Services, Microsoft Azure, and IBM Cloud. Chris Dotson—an IBM senior technical staff member—shows you how to establish data asset management, identity and access management, vulnerability management, network security, and incident response in your cloud environment.
Wybrane bestsellery
-
With rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. In this updated second edition, you'll examine security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises pr...(153.05 zł najniższa cena z 30 dni)
152.55 zł
179.00 zł(-15%) -
W związku z szybko zmieniającą się architekturą automatyzacji opartej na interfejsach API, platformy w chmurze stanęły wobec niespotykanych dotychczas wyzwań i możliwości w zakresie zapewnienia bezpieczeństwa. W niniejszej książce omówiono najlepsze praktyki dotyczące bezpieczeństwa środowisk w c...(56.98 zł najniższa cena z 30 dni)
57.74 zł
74.00 zł(-22%) -
This book helps you learn about modern distributed apps that run in the cloud on an infinite scale using containers, their architecture, and benefits; how to implement them within your development life cycle; and run them in production using modern DevOps tools, practices, and techniques.
Modern DevOps Practices. Implement, secure, and manage applications on the public cloud by leveraging cutting-edge tools - Second Edition Modern DevOps Practices. Implement, secure, and manage applications on the public cloud by leveraging cutting-edge tools - Second Edition
-
This book provides a holistic understanding of observability concepts using the Grafana Labs tools, teaching you how to fully leverage the LGTM stack.
Observability with Grafana. Monitor, control, and visualize your Kubernetes and cloud platforms using the LGTM stack Observability with Grafana. Monitor, control, and visualize your Kubernetes and cloud platforms using the LGTM stack
-
This book is an invaluable resource for designing and building secure, scalable, resilient, and efficient cloud systems that grow with your business. With practical guidance, you’ll learn best practices for using different cloud vendors and tools.
The Cloud Computing Journey. Design and deploy resilient and secure multi-cloud systems with practical guidance The Cloud Computing Journey. Design and deploy resilient and secure multi-cloud systems with practical guidance
-
Machine Learning Security with Azure will help you assess the vulnerabilities in your data, models, and environments, and implement the latest industry security best practices. You’ll get to grips with managing, securing, and monitoring your Azure machine learning workloads throughout the ...
Machine Learning Security with Azure. Best practices for assessing, securing, and monitoring Azure Machine Learning workloads Machine Learning Security with Azure. Best practices for assessing, securing, and monitoring Azure Machine Learning workloads
-
Software containers are the new lightweight and platform-independent application artifacts used to run the processes of an app’s components on standalone or orchestrated distributed environments. This book shows you how to create, share, and run your apps within containers using best pract...
Containers for Developers Handbook. A practical guide to developing and delivering applications using software containers Containers for Developers Handbook. A practical guide to developing and delivering applications using software containers
-
Microsoft 365 Certified Fundamentals certification solidifies your foundational knowledge of cloud services, specifically the software as a service (SaaS) model. This updated third edition covers all the recent and important changes in the examination to help you achieve certification.
Microsoft 365 Certified Fundamentals MS-900 Exam Guide. Gain the knowledge and problem-solving skills needed to pass the MS-900 exam on your first attempt - Third Edition Microsoft 365 Certified Fundamentals MS-900 Exam Guide. Gain the knowledge and problem-solving skills needed to pass the MS-900 exam on your first attempt - Third Edition
-
If your organization plans to modernize services and move to the cloud from legacy software or a private cloud on premises, this book is for you. Software developers, solution architects, cloud engineers, and anybody interested in cloud technologies will learn fundamental concepts for cloud compu...(202.57 zł najniższa cena z 30 dni)
202.37 zł
239.00 zł(-15%)
Ebooka "Practical Cloud Security. A Guide for Secure Design and Deployment" przeczytasz na:
-
czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
-
systemach Windows, MacOS i innych
-
systemach Windows, Android, iOS, HarmonyOS
-
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi
Masz pytania? Zajrzyj do zakładki Pomoc »
Audiobooka "Practical Cloud Security. A Guide for Secure Design and Deployment" posłuchasz:
-
w aplikacji Ebookpoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych
-
na dowolnych urządzeniach i aplikacjach obsługujących format MP3 (pliki spakowane w ZIP)
Masz pytania? Zajrzyj do zakładki Pomoc »
Kurs Video "Practical Cloud Security. A Guide for Secure Design and Deployment" zobaczysz:
-
w aplikacjach Ebookpoint i Videopoint na Android, iOS, HarmonyOs
-
na systemach Windows, MacOS i innych z dostępem do najnowszej wersji Twojej przeglądarki internetowej
Szczegóły ebooka
- ISBN Ebooka:
- 978-14-920-3746-0, 9781492037460
- Data wydania ebooka:
-
2019-03-04
Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
- Język publikacji:
- angielski
- Rozmiar pliku ePub:
- 2.8MB
- Rozmiar pliku Mobi:
- 8.3MB
Spis treści ebooka
- Preface
- Conventions Used in This Book
- OReilly Online Learning Platform
- How to Contact Us
- Acknowledgments
- 1. Principles and Concepts
- Least Privilege
- Defense in Depth
- Threat Actors, Diagrams, and Trust Boundaries
- Cloud Delivery Models
- The Cloud Shared Responsibility Model
- Risk Management
- 2. Data Asset Management and Protection
- Data Identification and Classification
- Example Data Classification Levels
- Relevant Industry or Regulatory Requirements
- Data Identification and Classification
- Data Asset Management in the Cloud
- Tagging Cloud Resources
- Protecting Data in the Cloud
- Tokenization
- Encryption
- Encryption of data in use
- Encryption of data at rest
- Key management
- Server-side and client-side encryption
- Cryptographic erasure
- How encryption foils different types of attacks
- Attacker gains unauthorized access to physical media
- Attacker gains unauthorized access to the platform or storage system
- Attacker gains unauthorized access to the hypervisor
- Attacker gains unauthorized access to the operating system
- Attacker gains unauthorized access to the application
- Summary
- 3. Cloud Asset Management and Protection
- Differences from Traditional IT
- Types of Cloud Assets
- Compute Assets
- Virtual machines
- Containers
- Native container model
- Mini-VM container model
- Container orchestration systems
- Application Platform as a Service
- Serverless
- Compute Assets
- Storage Assets
- Block storage
- File storage
- Object storage
- Images
- Cloud databases
- Message queues
- Configuration storage
- Secrets configuration storage
- Encryption key storage
- Certificate storage
- Source code repositories and deployment pipelines
- Network Assets
- Virtual private clouds and subnets
- Content delivery networks
- DNS records
- TLS certificates
- Load balancers, reverse proxies, and web application firewalls
- Asset Management Pipeline
- Procurement Leaks
- Processing Leaks
- Tooling Leaks
- Findings Leaks
- Tagging Cloud Assets
- Summary
- 4. Identity and Access Management
- Differences from Traditional IT
- Life Cycle for Identity and Access
- Request
- Approve
- Create, Delete, Grant, or Revoke
- Authentication
- Cloud IAM Identities
- Business-to-Consumer and Business-to-Employee
- Multi-Factor Authentication
- Passwords and API Keys
- Shared IDs
- Federated Identity
- Single Sign-On
- SAML and OIDC
- SSO with legacy applications
- Instance Metadata and Identity Documents
- Secrets Management
- Authorization
- Centralized Authorization
- Roles
- Revalidate
- Putting It All Together in the Sample Application
- Summary
- 5. Vulnerability Management
- Differences from Traditional IT
- Vulnerable Areas
- Data Access
- Application
- Middleware
- Operating System
- Network
- Virtualized Infrastructure
- Physical Infrastructure
- Finding and Fixing Vulnerabilities
- Network Vulnerability Scanners
- Agentless Scanners and Configuration Management
- Agent-Based Scanners and Configuration Management
- Credentials
- Deployment
- Network
- Cloud Provider Security Management Tools
- Container Scanners
- Dynamic Application Scanners (DAST)
- Static Application Scanners (SAST)
- Software Composition Analysis Scanners (SCA)
- Interactive Application Scanners (IAST)
- Runtime Application Self-Protection Scanners (RASP)
- Manual Code Reviews
- Penetration Tests
- User Reports
- Example Tools for Vulnerability and Configuration Management
- Risk Management Processes
- Vulnerability Management Metrics
- Tool Coverage
- Mean Time to Remediate
- Systems/Applications with Open Vulnerabilities
- Percentage of False Positives
- Percentage of False Negatives
- Vulnerability Recurrence Rate
- Change Management
- Putting It All Together in the Sample Application
- Summary
- 6. Network Security
- Differences from Traditional IT
- Concepts and Definitions
- Whitelists and Blacklists
- DMZs
- Proxies
- Software-Defined Networking
- Network Features Virtualization
- Overlay Networks and Encapsulation
- Virtual Private Clouds
- Network Address Translation
- IPv6
- Putting It All Together in the Sample Application
- Encryption in Motion
- Firewalls and Network Segmentation
- Perimeter control
- Internal segmentation
- Security groups
- Service endpoints
- Container firewalling and network segmentation
- Allowing Administrative Access
- Bastion hosts
- Virtual private networks (VPNs)
- Site-to-site VPNs
- Client-to-site VPNs
- Web Application Firewalls and RASP
- Anti-DDoS
- Intrusion Detection and Prevention Systems
- Egress Filtering
- Data Loss Prevention
- Summary
- 7. Detecting, Responding to, and Recovering from Security Incidents
- Differences from Traditional IT
- What to Watch
- Privileged User Access
- Logs from Defensive Tooling
- Anti-DDoS
- Web application firewalls
- Firewalls and intrusion detection systems
- Antivirus
- Endpoint detection and response
- File integrity monitoring
- Cloud Service Logs and Metrics
- Operating System Logs and Metrics
- Middleware Logs
- Secrets Server
- Your Application
- How to Watch
- Aggregation and Retention
- Parsing Logs
- Searching and Correlation
- Alerting and Automated Response
- Security Information and Event Managers
- Threat Hunting
- Preparing for an Incident
- Team
- Plans
- Tools
- Responding to an Incident
- Cyber Kill Chains
- The OODA Loop
- Cloud Forensics
- Blocking Unauthorized Access
- Stopping Data Exfiltration and Command and Control
- Recovery
- Redeploying IT Systems
- Notifications
- Lessons Learned
- Example Metrics
- Example Tools for Detection, Response, and Recovery
- Putting It All Together in the Sample Application
- Monitoring the Protective Systems
- Monitoring the Application
- Monitoring the Administrators
- Understanding the Auditing Infrastructure
- Summary
- Index
O'Reilly Media - inne książki
-
With the shift from data warehouses to data lakes, data now lands in repositories before it's been transformed, enabling engineers to model raw data into clean, well-defined datasets. dbt (data build tool) helps you take data further. This practical book shows data analysts, data engineers, BI de...(203.24 zł najniższa cena z 30 dni)
203.14 zł
239.00 zł(-15%) -
Get a concise yet comprehensive overview of Airtable, one of the most versatile platforms to emerge from the no-code movement. Whether you're planning a new project, sharing data analysis within your organization, tracking a detailed initiative among stakeholders, or dealing with any other projec...(244.90 zł najniższa cena z 30 dni)
244.70 zł
289.00 zł(-15%) -
Implementing and designing systems that make suggestions to users are among the most popular and essential machine learning applications available. Whether you want customers to find the most appealing items at your online store, videos to enrich and entertain them, or news they need to know, rec...(243.86 zł najniższa cena z 30 dni)
243.81 zł
289.00 zł(-16%) -
Cyber risk management is one of the most urgent issues facing enterprises today. This book presents a detailed framework for designing, developing, and implementing a cyber risk management program that addresses your company's specific needs. Ideal for corporate directors, senior executives, secu...(177.33 zł najniższa cena z 30 dni)
177.23 zł
219.00 zł(-19%) -
Learn the core concepts of Vue.js, the modern JavaScript framework for building frontend applications and interfaces from scratch. With concise, practical, and clear examples, this book takes web developers step-by-step through the tools and libraries in the Vue.js ecosystem and shows them how to...(204.20 zł najniższa cena z 30 dni)
204.00 zł
239.00 zł(-15%) -
Many UX designers are surprised to learn that much of the job isn't about drawing things. It's about knowing what to draw and how to convince people to build it. Whether you're a one-person design team making products from scratch or a C-level product leader managing many products and strategies,...(152.23 zł najniższa cena z 30 dni)
152.03 zł
179.00 zł(-15%) -
With demand for scaling, real-time access, and other capabilities, businesses need to consider building operational machine learning pipelines. This practical guide helps your company bring data science to life for different real-world MLOps scenarios. Senior data scientists, MLOps engineers, and...(245.65 zł najniższa cena z 30 dni)
245.91 zł
289.00 zł(-15%) -
As tech products become more prevalent today, the demand for machine learning professionals continues to grow. But the responsibilities and skill sets required of ML professionals still vary drastically from company to company, making the interview process difficult to predict. In this guide, dat...(245.65 zł najniższa cena z 30 dni)
246.17 zł
289.00 zł(-15%) -
Analytics projects are frequently long, drawn-out affairs, requiring multiple teams and skills to clean, join, and eventually turn data into analysis for timely decision-making. Alteryx Designer changes all of that. With this low-code, self-service, drag-and-drop workflow platform, new and experi...(244.07 zł najniższa cena z 30 dni)
243.97 zł
289.00 zł(-16%) -
Explore the theory and practice of designing and writing serverless applications using examples from the Knative project. With this practical guide, mid-level to senior application developers and team managers will learn when and why to target serverless platforms when developing microservices or...(203.13 zł najniższa cena z 30 dni)
202.93 zł
239.00 zł(-15%)
Dzieki opcji "Druk na żądanie" do sprzedaży wracają tytuły Grupy Helion, które cieszyły sie dużym zainteresowaniem, a których nakład został wyprzedany.
Dla naszych Czytelników wydrukowaliśmy dodatkową pulę egzemplarzy w technice druku cyfrowego.
Co powinieneś wiedzieć o usłudze "Druk na żądanie":
- usługa obejmuje tylko widoczną poniżej listę tytułów, którą na bieżąco aktualizujemy;
- cena książki może być wyższa od początkowej ceny detalicznej, co jest spowodowane kosztami druku cyfrowego (wyższymi niż koszty tradycyjnego druku offsetowego). Obowiązująca cena jest zawsze podawana na stronie WWW książki;
- zawartość książki wraz z dodatkami (płyta CD, DVD) odpowiada jej pierwotnemu wydaniu i jest w pełni komplementarna;
- usługa nie obejmuje książek w kolorze.
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka, którą chcesz zamówić pochodzi z końcówki nakładu. Oznacza to, że mogą się pojawić drobne defekty (otarcia, rysy, zagięcia).
Co powinieneś wiedzieć o usłudze "Końcówka nakładu":
- usługa obejmuje tylko książki oznaczone tagiem "Końcówka nakładu";
- wady o których mowa powyżej nie podlegają reklamacji;
Masz pytanie o konkretny tytuł? Napisz do nas: sklep[at]helion.pl.
Książka drukowana
![Loader](https://static01.helion.com.pl/ebookpoint/img/ajax-loader.gif)
Zamknij
Przeczytaj darmowy fragment
![ajax-loader](https://static01.helion.com.pl/ebookpoint/img/ajax-loader.gif)
Oceny i opinie klientów: Practical Cloud Security. A Guide for Secure Design and Deployment Chris Dotson (0)
Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.