𝔖 Scriptorium
✦   LIBER   ✦
πŸ“

Cloud Auditing Best Practices: Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans

✍ Scribed by Shinesa Cambric, Michael Ratemo

Publisher
Packt Publishing
Year
2023
Tongue
English
Leaves
268
Category
Library
⬇  Acquire This Volume

No coin nor oath required. For personal study only.

✦ Synopsis

Ensure compliance across the top cloud players by diving into AWS, Azure, and GCP cloud auditing to minimize security risks

Key Features

  • Leverage best practices and emerging technologies to effectively audit a cloud environment
  • Get better at auditing and unlock career opportunities in cloud audits and compliance
  • Explore multiple assessments of various features in a cloud environment to see how it's done

Book Description

As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge―so where do you turn?

Cloud Auditing Best Practices has all the information you'll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this book will get you up to speed with cloud auditing before you know it.

After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you'll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company's network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more.

You'll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools.

By the end of this book, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.

What you will learn

  • Understand the cloud shared responsibility and role of an IT auditor
  • Explore change management and integrate it with DevSecOps processes
  • Understand the value of performing cloud control assessments
  • Learn tips and tricks to perform an advanced and effective auditing program
  • Enhance visibility by monitoring and assessing cloud environments
  • Examine IAM, network, infrastructure, and logging controls
  • Use policy and compliance automation with tools such as Terraform

Who this book is for

This book is for IT auditors looking to learn more about assessing cloud environments for compliance, as well as those looking for practical tips on how to audit them and what security controls are available to map to IT general computing controls. Other IT professionals whose job includes assessing compliance, such as DevSecOps teams, identity, and access management analysts, cloud engineers, and cloud security architects, will also find plenty of useful information in this book. Before you get started, you'll need a basic understanding of IT systems and a solid grasp of cybersecurity basics.

Table of Contents

  1. Cloud Architecture and Navigation
  2. Effective Techniques for Preparing to Audit Cloud Environments
  3. Identity and Access Management Controls
  4. Network, Infrastructure, and Security Controls
  5. Financial Resource and Change Management Controls
  6. Tips and Techniques for Advanced Auditing
  7. Tools for Monitoring and Assessing
  8. Walk-Through – Assessing IAM Controls
  9. Walk-Through – Assessing Policy Settings and Resource Controls
  10. Walk-Through – Assessing Change Management, Logging, and Monitoring Policies

✦ Table of Contents

Cover
Title Page
Copyright and Credits
Contributors
About the reviewers
Table of Contents
Preface
Part 1:The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials
Chapter 1: Cloud Architecture and Navigation
Understanding cloud auditing
Shared responsibility of IT cloud controls
Role of an IT auditor
Cloud architecture and service models
Cloud architecture
Cloud services
Navigating cloud provider environments
Navigating Amazon AWS EC2
Navigating the Microsoft Azure portal
Navigating GCP
Summary
Chapter 2: Effective Techniques for Preparing to Audit Cloud Environments
Preparing to perform a cloud assessment
Effective techniques for aligning IT controls to cloud environments
Auditing frameworks and governance
Basic cloud auditing tools and frameworks
Native tools for auditing Amazon AWS
Native tools for auditing Microsoft’s Azure portal
Native tools for auditing Google Cloud Platform
Open-source tools
Native tools versus open-source tools
Leveraging policy and compliance automation
Summary
Part 2:Cloud Security and IT Controls
Chapter 3: Identity and Access Management Controls
User authentication and authorization
Example IAM controls
Amazon AWS IAM
Microsoft Azure
GCP
Permissions, roles, and groups
Key privileged access, roles, and policies
Device management
Reviewing activity logs
AWS
Azure
GCP
Summary
Chapter 4: Network, Infrastructure, and Security Controls
Security control centers
Amazon Virtual Private Cloud
Azure Virtual Network
Google Cloud Platform Virtual Private Cloud
Network controls
Amazon Virtual Private Cloud
Azure Virtual Network
Google Cloud Platform Virtual Private Cloud
Security policies
Amazon Virtual Private Cloud
Azure Virtual Network
Google Cloud Platform Virtual Private Cloud
Data security
Summary
Chapter 5: Financial Resource and Change Management Controls
Example resource management controls
Center for Internet Security (CIS) benchmark controls
CSA Cloud Controls Matrix
Policies for resource management
Performing changes
Change management integration and workflows
Change history
Financial billing and cost controls
Financial resource ownership
Summary
Part 3:Executing an Effective Enterprise Cloud Audit Plan
Chapter 6: Tips and Techniques for Advanced Auditing
Common pitfalls
Inability to forecast resource usage and costs
The impact of shadow IT
Avoiding automation
Misconfiguration
The inadvertent exposure of credentials
Overly permissive access
Tips, tricks, and techniques
AWS
Azure
GCP
Preparing for more advanced auditing
Other clouds
Oracle Cloud Infrastructure
IBM Cloud
Alibaba Cloud
Summary
Chapter 7: Tools for Monitoring and Assessing
Basic cloud auditing tools within AWS
Amazon CloudWatch
Amazon Inspector
Azure
Azure Monitor
Azure Network Watcher
GCP
Google Cloud Monitoring
Network Intelligence Center
Summary
Chapter 8: Walk-Through – Assessing IAM Controls
Preparing to assess cloud IAM controls
Assessing authentication and authorization
AWS IAM
Microsoft Azure
Assessing access assignment controls
Microsoft Azure
GCP
Assessing privileged access controls
AWS IAM
Microsoft Azure
Assessing device controls
AWS IAM
Microsoft Azure
Summary
Chapter 9: Walk-Through – Assessing Policy Settings and Resource Controls
Preparing to assess network, infrastructure, and resource controls
Assessing network and firewall settings
Microsoft Azure
Assessing resource management policies
Microsoft Azure
GCP
Assessing data security policies
AWS
Microsoft Azure
Summary
Chapter 10: Walk-Through – Assessing Change Management, Logging, and Monitoring Policies
Preparing to assess change management controls
Assessing audit and logging configurations
AWS
Microsoft Azure
GCP
Assessing change management and configuration policies
Azure Automation
Terraform
Policy Sentry
Assessing monitoring and alerting policies
AWS
Azure
GCP
Summary
Index
Other Books You May Enjoy

πŸ“œ SIMILAR VOLUMES

Cloud Auditing Best Practices: Perform S
πŸ“ Cloud Auditing Best Practices: Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans
✍ Shinesa Cambric, Michael Ratemo πŸ“‚ Library πŸ“… 2023 πŸ› Packt Publishing 🌐 English

<p><span>Ensure compliance across the top cloud players by diving into AWS, Azure, and GCP cloud auditing to minimize security risks</span></p><h4><span>Key Features</span></h4><ul><li><span><span>Leverage best practices and emerging technologies to effectively audit a cloud environment</span></span

Cloud Auditing Best Practices: Perform S
πŸ“ Cloud Auditing Best Practices: Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans
✍ Shinesa Cambric, Michael Ratemo πŸ“‚ Library πŸ› Packt Publishing 🌐 English

<p><span>Ensure compliance across the top cloud players by diving into AWS, Azure, and GCP cloud auditing to minimize security risks</span></p><h4><span>Key Features</span></h4><ul><li><span><span>Leverage best practices and emerging technologies to effectively audit a cloud environment</span></span

Cloud Security Auditing
πŸ“ Cloud Security Auditing
✍ Suryadipta Majumdar, Taous Madi, Yushun Wang, Azadeh Tabiban, Momen Oqaily, Amir πŸ“‚ Library πŸ“… 2019 πŸ› Springer International Publishing 🌐 English

<p>This book provides a comprehensive review of the most up to date research related to cloud security auditing and discusses auditing the cloud infrastructure from the structural point of view, while focusing on virtualization-related security properties and consistency between multiple control lay

High Performance Cloud Auditing and Appl
πŸ“ High Performance Cloud Auditing and Applications
✍ Everaldo Aguiar, Yihua Zhang, Marina Blanton (auth.), Keesook J. Han, Baek-Young πŸ“‚ Library πŸ“… 2014 πŸ› Springer-Verlag New York 🌐 English

<p><p>This book mainly focuses on cloud security and high performance computing for cloud auditing. The book discusses emerging challenges and techniques developed for high performance semantic cloud auditing, and presents the state of the art in cloud auditing, computing and security techniques wit

Auditing cloud computing: a security and
πŸ“ Auditing cloud computing: a security and privacy guide
✍ Ben Halpert πŸ“‚ Library πŸ“… 2011 πŸ› Wiley 🌐 English

The auditor's guide to ensuring correct security and privacy practices in a cloud computing environmentMany organizations are reporting or projecting a significant cost savings through the use of cloud computingβ€”utilizing shared computing resources to provide ubiquitous access for organizations and

Cloud Security Handbook: Find out how to
πŸ“ Cloud Security Handbook: Find out how to effectively secure cloud environments using AWS, Azure, and GCP
✍ Eyal Estrin πŸ“‚ Library πŸ“… 2022 πŸ› Packt Publishing 🌐 English

<p><span>A comprehensive reference guide to securing the basic building blocks of cloud services, with actual examples for leveraging Azure, AWS, and GCP built-in services and capabilities</span></p><h4><span>Key Features</span></h4><ul><li><span><span>Discover practical techniques for implementing