Computer ScienceScience & MathematicsEconomics & FinanceBusiness & ManagementPolitics & GovernmentHistoryPhilosophy

Security as Code

DevSecOps Patterns with AWS

by BK Sarthak Das, Virginia Chu

Security as Code

Subscribe to new books via telegram channel

DescriptionTable of ContentsDetailsHashtagsReport an issue

Book Description

DevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. In order to build secure and resilient applications, you have to be equipped with security knowledge. Enter security as code.

In this book, authors BK Sarthak Das and Virginia Chu demonstrate how to use this methodology to secure any application and infrastructure you want to deploy. With Security as Code, you'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.

This practical book also provides common patterns and methods to securely develop infrastructure for resilient and highly available backups that you can restore with just minimal manual intervention.

- Learn the tools of the trade, using Kubernetes and the AWS Code Suite.
- Set up infrastructure as code and run scans to detect misconfigured resources in your code.
- Create secure logging patterns with CloudWatch and other tools.
- Restrict system access to authorized users with role-based access control (RBAC).
- Inject faults to test the resiliency of your application with AWS Fault Injector or open source tooling.
- Learn how to pull everything together into one deployment.

This open access book is Complimented by Nginx. You can download Security as Code ebook for free in PDF format (3.3 MB).

Table of Contents

Chapter 1
Introduction to DevSecOps
Chapter 2
Setting Up Your Environment
Chapter 3
Securing Your Infrastructure
Chapter 4
Logging and Monitoring
Chapter 5
Controlling Access Through Automation
Chapter 6
Fault Injection Test
Chapter 7
People and Processes

Book Details

Security as Code
Computer Science
O'Reilly Media
ISBN13 Digital
ISBN10 Digital
PDF Size
3.3 MB
Compliments of Nginx

Related Books

How To Code in Node.js
Node.js is a popular open-source runtime environment that can execute JavaScript outside of the browser. The Node runtime is commonly used for back-end web development, leveraging its asynchronous capabilities to create networking applications and web servers. Node is also a popular choice for building command line tools. In this book, you will ...
Building the Infrastructure for Cloud Security
For cloud users and providers alike, security is an everyday concern, yet there are very few books covering cloud security as a main subject. This book will help address this information gap from an Information Technology solution and usage-centric view of cloud infrastructure security. The book highlights the fundamental technology components nece...
The Security Development Lifecycle
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs - the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team ...
Web Application Security
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, intro...
The Role of Smallholder Farms in Food and Nutrition Security
This open book discusses the current role of smallholders in connection with food security and poverty reduction in developing countries. It addresses the opportunities they enjoy, and the constraints they face, by analysing the availability, access to and utilization of production factors.Due to the relevance of smallholder farms, enhancing their ...
Target Suitability and the Crime Drop
This is a chapter from The Criminal Act: The Role and Influence of Routine Activity Theory edited by Martin A. Andresen and Graham Farrell. Target suitability is a cornerstone of Marcus Felson's routine activities approach, and critical in determining crime rates. Recent research identifies reduced target suitability, via improved security, as...