Lavoisier S.A.S.
14 rue de Provigny
94236 Cachan cedex
FRANCE

Heures d'ouverture 08h30-12h30/13h30-17h30
Tél.: +33 (0)1 47 40 67 00
Fax: +33 (0)1 47 40 67 02


Url canonique : www.lavoisier.fr/livre/informatique/practical-serverless-security/descriptif_4382718
Url courte ou permalien : www.lavoisier.fr/livre/notice.asp?ouvrage=4382718

0 article 

 Frais de port 0,01€*

Exclusivité web : à partir de 35 euros d’achat, frais de port à 1 centime pour les expéditions vers la France métropolitaine, la Suisse et l’UE avec Colissimo ou GLS

Serverless Security, 1st ed. Understand, Assess, and Implement Secure and Reliable Applications in AWS, Microsoft Azure, and Google Cloud

Langue : Anglais

Auteur :

Couverture de l’ouvrage Serverless Security
Apply the basics of security in serverless computing to new or existing projects. This hands-on guide provides practical examples and fundamentals. You will apply these fundamentals in all aspects of serverless computing: improving the code, securing the application, and protecting the infrastructure. You will come away having security knowledge that enables you to secure a project you are supporting and have technical conversations with cybersecurity personnel.

At a time when there are many news stories on cybersecurity breaches, it is crucial to think about security in your applications. It is tempting to believe that having a third-party host the entire computing platform will increase security. This book shows you why cybersecurity is the responsibility of everyone working on the project.


What You Will Learn

  • Gain a deeper understanding of cybersecurity in serverless computing
  • Know how to use free and open source tools (such as the Node Package Manager, ESLint, and VSCode) to reduce vulnerabilities in your application code
  • Assess potential threats from event triggers in your serverless functions
  • Understand security best practices in serverless computing
  • Develop an agnostic security architecture while reducing risk from vendor-specific infrastructure


Who This Book Is For

Developers or security engineers looking to expand their current knowledge of traditional cybersecurity into serverless computing projects. Individuals just beginning in serverless computing and cybersecurity can apply the concepts in this book in their projects.

Introduction

 

Part I: The Need for Security

 

Chapter 1: Determining Scope

Understanding the Application

Scoping

 

Chapter 2: Performing a Risk Assessment

Understanding the Threat Landscape

Threat Modeling

Preparing the Risk Assessment

 

Part II: Securing the Application

 

Chapter 3: Securing the Code

Assessing Dependencies

Using Static Code Analysis Tools

Writing Unit Tests

 

Chapter 4: Securing the Interfaces

Identifying the Interfaces

Determining the Interface Inputs

Reducing the Attack Surface

 

Chapter 5: Securing the Code Repository

Using a Code Repository

Limiting Saved Content

 

Part III: Securing the Infrastructure

 

Chapter 5: Restricting Permissions

Understanding Permissions

Identifying the Services

Updating the Permissions

 

Chapter 6: Account Management

Understanding Account Access

Restricting Account Access

Implementing Multi-Factor Authentication

Using Secrets

 

Part IV: Monitoring and Alerting

 

Chapter 7: Monitoring Logs

Understanding Logging Methods

Reviewing Logs

 

Chapter 8: Monitoring Metrics

Understanding Metrics

Reviewing Metrics

 

Chapter 9: Monitoring Billing

Understanding Billing

Reviewing Billing

 

Chapter 10: Monitoring Security Events

Understanding Security Events

Reviewing Security Event

 

Chapter 10: Alerting

Understanding Alerting

Implementing Alerting

 

Chapter 11: Auditing

Understanding Auditing

Implementing Auditing

 

Part V: Security Assessment and Report

 

Chapter 12: Finalizing the Risk Assessment

Scoring the Identified Risks

Defining the Mitigation Steps

Assessing the Business Impact

Determining the Overall Security Risk Level

Miguel Calles is a freelance cybersecurity content writer. He has an information assurance certification, and works as an engineer on a serverless project. He started in cybersecurity in 2016 for a US government contract, and has been doing technical writing since 2007, and has worked in various engineering roles since 2004. Miguel started his interest in cybersecurity when he was in middle school and was trying to backward engineer websites.

Reviews traditional cybersecurity principles in the context of serverless computing

Shows you how to integrate tools to improve the cybersecurity posture of your serverless project

Examines security features provided by Amazon Web Services, Azure, and Google Cloud

Provides you with practical hands-on examples for securing a serverless application

Date de parution :

Ouvrage de 347 p.

17.8x25.4 cm

Disponible chez l'éditeur (délai d'approvisionnement : 15 jours).

63,29 €

Ajouter au panier

Ces ouvrages sont susceptibles de vous intéresser


Programming AWS LambdaBuild and Deploy Serverless Applications with Java 67,11 €

Learning Apache OpenWhisk 78,12 €

Knative Cookbook 56,07 €