Security as Code 1st Edition by Bk Sarthak Das, Virginia Chu ISBN 9781098127459 1098127455

Security as Code 1st Edition by Bk Sarthak Das, Virginia Chu – Ebook PDF Instant Download/Delivery: 9781098127459 ,1098127455
Full download Security as Code 1st Edition after payment

Product details:

ISBN 10: 1098127455
ISBN 13: 9781098127459
Author: Bk Sarthak Das, Virginia Chu

Security as Code 1st Edition Table of contents:

1. Introduction to DevSecOps

Before DevOps: The Software Development Life Cycle

What Is DevSecOps?

Introducing Automatoonz

Cloud Infrastructure: Secure by Default

Move Fast, Secure Fast: The Importance of Automation

DevSecOps Culture

Summary

2. Setting Up Your Environment

What You’ll Need

Installing and Verifying Your Setup

Installing the AWS CLI

Installing the Docker Engine

Checking Your Python Version

Installing Git

Installing Kubernetes

Creating Your First Bare-Bones Pipeline

Summary

3. Securing Your Infrastructure

What Makes Infrastructure Secure?

Hands Off! Preventing Unwanted Access with IAM Permissions

Detecting Misconfigurations

Identifying a Standard

Threat Modeling

Security Controls

Better Than a Cure: Implementing Preventive Controls

Implementation

Summary

4. Logging and Monitoring

What Are Logging and Monitoring—and Why Do They Matter?

Attack Styles

Advanced Persistent Threat Attacks

Ransomware Strains

Passive and Active Attacks

Log Types

Log Storage

Detecting Anomalies

Remediation with AWS Config

Correlating User Activity with CloudTrail

Network Monitoring with an Amazon VPC

Summary

5. Controlling Access Through Automation

The Principle of Least Privilege

Fine-Tuning Access Controls

Use a Tagging System

Clarify Team Responsibilities

Prevent and Detect

The IAM Pipeline

Summary

6. Fault Injection Test

Distributed Systems

Adaptive Security Controls

The True Cost of Downtime

Methods for Minimizing Downtime

Chaos Engineering

Basic Principles

Advanced Principles

Chaos Engineering in AWS Environments

Chaos Engineering at Automatoonz

AWS Fault Injection Simulator Experiment Examples

Kubernetes Pod Stress Testing

Throttling EC2 API Calls

Stress Testing the CPU on an EC2 Instance

Terminating an EC2 Instance

Removing Ingress and Egress Rules from a Security Group

Detaching an EBS Volume from an EC2 Instance

Summary

7. People and Processes

People: Team Structures and Roles

Security Engineers

Developers

Compliance Team

Product Manager

Team Structure

Processes: Practices and Communication

Communicate to the Right People, Consistently

Make Product Owners Accountable for Their Security Findings

Build Threat Modeling into Your Processes

Build Roadmaps to Reach Your DevSecOps Goals

What Next?

Summary

Index

People also search for Security as Code 1st Edition:

    
security as code example
    
security as code tools
    
is cvv the same as security code
    
is cvc the same as security code
    
security code as a number

Tags:

Bk Sarthak Das,Virginia Chu,Security,Code