Securing Devops: Safe Services in the Cloud

✍ Scribed by Julien Vehent

Publisher: Manning Publications
Year: 2018
Tongue: English
Leaves: 401
Edition: 1
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

Securing DevOps explores how the techniques of DevOps and security should be applied together to make cloud services safer. This introductory book reviews the latest practices used in securing web applications and their infrastructure and teaches you techniques to integrate security directly into your product. You'll also learn the core concepts of DevOps, such as continuous integration, continuous delivery, and infrastructure as a service.

About the Technology
An application running in the cloud can benefit from incredible efficiencies, but they come with unique security threats too. A DevOps team's highest priority is understanding those risks and hardening the system against them.

About the Book
Securing DevOps teaches you the essential techniques to secure your cloud services. Using compelling case studies, it shows you how to build security into automated testing, continuous delivery, and other core DevOps processes. This experience-rich book is filled with mission-critical strategies to protect web applications against attacks, deter fraud attempts, and make your services safer when operating at scale. You'll also learn to identify, assess, and secure the unique vulnerabilities posed by cloud deployments and automation tools commonly used in modern infrastructures.

What's inside
• An approach to continuous security
• Implementing test-driven security in DevOps
• Security techniques for cloud services
• Watching for fraud and responding to incidents
• Security testing and risk assessment

About the Reader
Readers should be comfortable with Linux and standard DevOps practices like CI, CD, and unit testing.

About the Author
Julien Vehent is a security architect and DevOps advocate. He leads the Firefox Operations Security team at Mozilla, and is responsible for the security of Firefox's high-traffic cloud services and public websites.

✦ Table of Contents

Securing DevOps

PART 1. Case study: applying layers of security to a simple DevOps pipeline
2. Building a barebones DevOps pipeline
3. Security layer 1: protecting web applications
4. Security layer 2: protecting cloud infrastructures
5. Security layer 3: securing communications
6. Security layer 4: securing the delivery pipeline

PART 2. Watching for anomalies and protecting services against attacks
7. Collecting and storing logs
8. Analyzing logs for fraud and attacks
9. Detecting intrusions
10. The Caribbean breach: a case study in incident response

PART 3. Maturing DevOps security
11. Assessing risks
12. Testing security
13. Continuous security

✦ Subjects

DevOps; Amazon Web Services; Anomaly Detection; Security; Intrusion Detection; Log Data Analysis; Web Applications; PostgreSQL; Infrastructure as a Service; Monitoring; Logging; Docker; Cryptography; Risk Assessment; Risk Management; GitHub; Continuous Delivery; Geospatial Data; Continuous Integration; Access Management; HTTPS; Fraud Detection; Testing; AWS Elastic Cloud; XSS; Continuous Security; Test-driven Security; SSL/TLS; Let’s Encrypt; CircleCI; Suricata

📜 SIMILAR VOLUMES

Securing Cloud Services - A Pragmatic Ap

📁 Securing Cloud Services - A Pragmatic Approach to Security Architecture in the Cloud

✍ Newcombe, Lee 📂 Library 📅 2012 🏛 IT Governance Publishing

This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud. Part 1 introduces Cloud Computing and describes the main service models (IaaS, PaaS and SaaS

Modern DevOps Practices: Implement and s

📁 Modern DevOps Practices: Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques

✍ Gaurav Agarwal 📂 Library 📅 2021 🏛 Packt Publishing 🌐 English

<p><b>Enhance DevOps workflows by integrating the functionalities of Docker, Kubernetes, Spinnaker, Ansible, Terraform, Flux CD, CaaS, and more with the help of practical examples and expert tips</b></p><h4>Key Features</h4><ul><li>Get up and running with containerization-as-a-service and infrastruc

Modern DevOps Practices: Implement and s

📁 Modern DevOps Practices: Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques

✍ Gaurav Agarwal 📂 Library 📅 2021 🏛 Packt Publishing 🌐 English

Securing Cloud Services: A Pragmatic Gui

📁 Securing Cloud Services: A Pragmatic Guide

✍ Lee Newcombe 📂 Library 📅 2020 🏛 IT Governance Publishing 🌐 English

Securing Cloud Services - A pragmatic guide gives an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud. The book: Introduces the concepts of Cloud computing and the

Pro Powershell for Amazon Web Services:

📁 Pro Powershell for Amazon Web Services: DevOps for the AWS Cloud

✍ Brian Beach (auth.) 📂 Library 📅 2014 🏛 Apress 🌐 English

<p><em>Pro PowerShell for Amazon Web Services</em> is written specifically for Windows professionals who already know PowerShell and want to learn to host Windows workloads in the Amazon Elastic Cloud Compute (EC2) cloud service. The cloud offers information technology workers significant cost savin

Pro PowerShell for Amazon Web Services:

📁 Pro PowerShell for Amazon Web Services: DevOps for the AWS Cloud

✍ Brian Beach 📂 Library 📅 2014 🏛 Apress 🌐 English

Pro PowerShell for Amazon Web Services is written specifically for Windows professionals who already know PowerShell and want to learn to host Windows workloads in the Amazon Elastic Cloud Compute (EC2) cloud service. The cloud offers information technology workers significant cost savings and agili