چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Mastering Cloud Security Posture Management (CSPM) : Secure Multi-cloud Infrastructure Across AWS, Azure, and Google Cloud Using Proven Techniques

Qamar Nomani, Julie Davila, Rehman Khan

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

سال انتشار
۲۰۲۴
فرمت
EPUB
زبان
انگلیسی
تعداد صفحات
۵ صفحه
حجم فایل
۱۲٫۶ مگابایت
شابک
9781837630707، 9781837638406، 1837630704، 1837638403

دربارهٔ کتاب

Secure multi-cloud infrastructure across AWS, Azure, and Google Cloud using proven techniques Key benefits• Choose the right CSPM tool to rectify cloud security misconfigurations based on organizational requirements• Optimize your security posture with expert techniques for in-depth cloud security insights• Improve your security compliance score by adopting a secure-by-design approach and implementing security automation Cover Title page Copyright and credits Dedication Foreword Contributors Table of contents Preface Part 1:CSPM Fundamentals Chapter 1: Cloud Security Fundamentals Technical requirements What is cloud computing? Cloud computing service model What is cloud security? Security concerns with the public cloud The shared responsibility model Division of responsibility Defense in depth Defense in depth guiding principle The CIA triad Confidentiality Integrity Availability Why is it important to maintain confidentiality, integrity, and availability? How do organizations ensure confidentiality, integrity, and availability? The three pillars of cybersecurity – people, process, and technology The Zero Trust model Zero Trust guiding principles The six foundational pillars Compliance concepts Cryptography Encryption The Cloud Adoption Framework Landing zone concepts Summary Further reading Chapter 2: Understanding CSPM and the Threat Landscape What is CSPM? Threat landscape and the importance of CSPM tools Key capabilities and core components of CSPM How do CSPM tools work? Common cloud misconfigurations and their causes Why do misconfigurations occur? Best practices to safeguard from misconfiguration Are CSPM tools enough to protect the cloud environment? What are other cloud security technologies and tools? Summary Further reading Chapter 3: CSPM Tools and Features Technical requirements Understanding CSPM tools Cloud provider native CSPM tool Third-party CSPM tool Agent-based versus agentless CSPM solutions Open source CSPM tools Understanding the Gartner Magic Quadrant Gartner Peer Insights Gartner Review Examples of CSPM tools Cloud provider-native CSPM tools Third-party CSPM tools Open source CSPM tools Summary Further reading Chapter 4: CSPM Tool Selection Structured thought to choose the right CSPM tool 1. Understand your organization’s cloud security needs 2. Identify the CSPM features you need 3. Evaluate the CSPM vendor 4. Consider the ease of use 5. Look for automation capabilities 6. Evaluate pricing and licensing Vendor selection process checklists for CSPM POC for CSPM tools What is the key outcome of the CSPM tool’s POC? Summary Further reading Part 2: CSPM Deployment Aspects Chapter 5: Deploying the CSPM Tool Deployment model overview Key considerations for effective deployment The SaaS/cloud-based deployment model On-premises deployments Hybrid deployment Leveraging managed service provider (MSP) support Different deployment methodologies Agent-based deployment API-based deployment Proxy-based deployment Tool deployment best practices Summary Further reading Chapter 6: Onboarding Cloud Accounts Key considerations and steps involved Account onboarding key considerations Steps for successful onboarding Best practices for onboarding of cloud accounts Account onboarding steps Onboarding AWS accounts Onboarding Azure accounts Onboarding GCP accounts Onboarding other clouds Onboarding roadblocks and mitigation best practices Roadblock #1 – Lack of necessary permissions Roadblock #2 – Complex cloud environments Roadblock #3 – Resistance to change Roadblock #4 – Policy complexity Roadblock #5 – Alert fatigue Roadblock #6 – Integration complexity Roadblock #7 – Monitoring and alerting configuration Roadblock #8 – Data privacy and security Roadblock #9 – Compliance variability Roadblock #10 – Scalability Offboarding cloud accounts Importance of offboarding cloud accounts from CSPM Process for offboarding cloud accounts from CSPM Summary Further reading Chapter 7: Onboarding Containers Containerization overview and its benefits Benefits of containerization Understanding container security challenges How does CSPM address these unique security challenges? Onboarding containers to CSPM tools Understanding Microsoft Defender for Containers features Defender for Containers architecture diagram Enabling Microsoft Defender for Containers for Kubernetes clusters Onboarding roadblocks and mitigation tips Latest trends and advancements in container security Summary Further reading Chapter 8: Exploring Environment Settings Environment settings overview Managing users and permissions User management User group management Built-in user roles Managing API tokens Key challenges in permission management Best practices to overcome permission-related challenges CSPM integrations with other tools SSO integration Ticketing system integration Collaboration and communication (notifications) integrations Reporting and analytics integration Monitoring (SIEM/SOAR) tool integration Storage integrations Key integration challenges Best practices to overcome integration challenges Setting up an effective reporting environment Activity logging User activities System activities Security events Challenges in activity logging Best practices for activity logging Summary Further reading Part 3: Security Posture Enhancement Chapter 9: Exploring Cloud Asset Inventory Understanding the cloud asset inventory landscape Cloud assets overview Cloud asset classification Tagging concepts and asset classification Key challenges in asset inventory management Best practices for asset inventory management Other tools and techniques for asset management Summary Further reading Chapter 10: Reviewing CSPM Dashboards Reviewing general dashboard types Risk dashboards Compliance dashboards Inventory dashboards Identity dashboards Network security dashboards Vulnerability dashboards Alerts and incident dashboards Custom dashboards Exporting dashboards Best practices for effectively using CSPM dashboards Summary Further reading Chapter 11: Major Configuration Risks Workload misconfigurations overview Malware, misconfigurations, and vulnerabilities and their correlations The risks associated with malware and its vulnerabilities Identity misconfigurations Network security misconfigurations Lateral movement misconfigurations Data protection misconfigurations Suspicious and malicious activities Best practices and lessons learned Best practices to mitigate network security misconfigurations Lesson learned and its implementation Summary Further reading Chapter 12: Investigating Threats with Query Explorers and KQL Query explorer and attack paths overview Understanding the security explorer mechanism The importance of the security explorer in threat hunting Building queries with Cloud Security Explorer Exploring built-in query templates KQL basics KQL statement structure KQL practice environment Built-in KQL in the query explorer Custom queries in the query explorer Best practices for effective investigation Lessons learned from threat investigation Summary Further reading Chapter 13: Vulnerability and Patch Management Vulnerability and patch management overview Important terminologies Effective strategies to prioritize vulnerabilities Effective vulnerability management and CSPM tools Cloud vulnerabilities and CSPM tool relevance in the hybrid cloud Effective patch management and CSPM tools The importance of timely and efficient patch management Effective patch management process How patch management and CSPM can work best together CTI and vulnerability management What is CTI and its key aspects? The role of CTI in vulnerability and patch management CTI integration/feeds into CSPM tools Example use case Case studies and real-world examples Operational challenges Summary Further reading Chapter 14: Compliance Management and Governance Compliance management and governance overview Compliance management Governance Compliance versus governance – Distinctions and interconnections Why are compliance and governance crucial in cloud security? Regulatory frameworks and compliance standards GDPR HIPAA SOC 2 Federal Risk and Authorization Management Program California Consumer Privacy Act California Privacy Rights Act Personal Data Protection Act Federal Information Security Management Act ISO 27001 PCI DSS NIST Cybersecurity Framework Cloud Security Alliance Cloud Controls Matrix Center for Internet Security benchmark controls Cloud governance frameworks AWS WAF MCSB Adapting cloud governance to the organization’s need Global versus regional compliance considerations Use cases, scenarios, and examples Use case #1 – Data protection and privacy Use case #2 – Incident reporting and notification Use case #3 – Compliance audits Challenges, CSPM roles, and future trends Challenges in compliance and governance CSPM’s role in effective compliance management and governance Future trends in compliance and governance Summary Chapter 15: Security Alerts and Monitoring Security alerts and monitoring overview Real-world scenarios illustrating the consequences of inadequate monitoring Distinguishing between security alerts, incidents, and anomalies Common categories of security alerts Building an effective alerting strategy Setting clear security objectives and risk thresholds Defining alerting criteria tailored to your organization’s needs Avoiding alert fatigue – best practices in alert tuning and prioritization Leveraging cloud-native monitoring solutions Can CSPM tools be used as cloud-native monitoring solutions? Third-party SIEM solutions Automated incident response Compliance and auditing through monitoring Meeting compliance requirements through continuous monitoring Demonstrating CSPM effectiveness to auditors and regulators Automating compliance checks and reporting Emerging trends in security alerts and monitoring Real-time visibility across multi-cloud environments Artificial intelligence-driven threat detection and anomaly analysis Cloud-native security monitoring Automated remediation and orchestration Cloud compliance and governance Integration with SIEM solutions Case study and lessons learned Case study – streamlined threat detection and incident response with CSPM and SIEM Case highlights Implementing proactive resilience using alerts and monitoring Summary Further reading Part 4: Advanced Topics and Future Trends Chapter 16: Integrating CSPM with IaC Understanding IaC What is IaC? How did IaC evolve, and what problems does it solve? Key principles and benefits Key IaC tools and technologies IaC offerings by cloud providers CSPM and IaC integration How IaC and CSPM enhance security posture together Potential integration challenges and strategies to overcome Human and cultural aspects of challenges Best practices and design patterns DRY principle – Reducing redundancy in IaC code Separation of concerns – Organizing code for maintainability and scalability Testing and validation – Ensuring the reliability of your IaC code Infrastructure as Data – Leveraging data-driven approaches for configuration Summary Further reading Chapter 17: DevSecOps – Workflow Automation Understanding DevSecOps DevOps versus DevSecOps – Key differences and principles The DevSecOps life cycle The importance of CI/CD pipelines The role of security in DevSecOps Key automation concepts The relationship between CSPM and workflow automation Benefits of automation in security and compliance Common automation challenges and their solutions Workflow automation in CSPM Automating compliance checks and policy enforcement Dynamic asset discovery and tracking Incident response and remediation automation Real-time monitoring and alerting Implementing workflow automations Setting up and configuring automation pipelines Writing scripts and playbooks for CSPM automation Testing and validating automation workflows Scaling automation for enterprise-level CSPM Case studies, best practices, and lessons learned Best practices for implementing and maintaining automation in DevSecOps Lessons learned from DevSecOps and CSPM automation adoption Security and compliance in DevSecOps automation Ensuring the security of automation pipelines Compliance with regulatory requirements in automated processes Handling secrets and sensitive data securely in automation Continuous monitoring and auditing of automated workflows Future trends and emerging technologies The evolving landscape of DevSecOps and CSPM Artificial intelligence (AI) and machine learning (ML) in CSPM automation The role of containers and serverless in automated security Predictions for the future of DevSecOps automation Summary Further reading Chapter 18: CSPM-Related Technologies Understanding the cloud security ecosystem Why is CSPM not enough? CNAPPs CWPPs CASBs DSPM CIEM Summary Further reading Chapter 19: Future Trends and Challenges Emerging technologies impacting CSPM Quantum computing and its potential threat to encryption AI and ML in enhancing CSPM capabilities The Internet of Things (IoT) and its implications for CSPM Blockchain and its role in securing cloud environments Regulatory landscape Evolving threat landscape Zero-day vulnerabilities and their implications for CSPM Skills and talent gap Key challenges Strategies for bridging the gap User awareness and training Case studies and best practices Lessons learned from successful CSPM deployments Lessons learned from unsuccessful CSPM deployments Best practices for staying ahead of emerging threats in CSPM Summary Further reading Index Other Books You May Enjoy Strengthen your security posture in all aspects of CSPM technology, from security infrastructure design to implementation strategies, automation, and remedial actions using operational best practices across your cloud environment Key Features Choose the right CSPM tool to rectify cloud security misconfigurations based on organizational requirements Optimize your security posture with expert techniques for in-depth cloud security insights Improve your security compliance score by adopting a secure-by-design approach and implementing security automation Purchase of the print or Kindle book includes a free PDF eBook Book Description This book will help you secure your cloud infrastructure confidently with cloud security posture management (CSPM) through expert guidance that'll enable you to implement CSPM effectively, ensuring an optimal security posture across multi-cloud infrastructures. The book begins by unraveling the fundamentals of cloud security, debunking myths about the shared responsibility model, and introducing key concepts such as defense-in-depth, the Zero Trust model, and compliance. Next, you'll explore CSPM's core components, tools, selection criteria, deployment strategies, and environment settings, which will be followed by chapters on onboarding cloud accounts, dashboard customization, cloud assets inventory, configuration risks, and cyber threat hunting. As you progress, you'll get to grips with operational practices, vulnerability and patch management, compliance benchmarks, and security alerts. You'll also gain insights into cloud workload protection platforms (CWPPs). The concluding chapters focus on Infrastructure as Code (IaC) scanning, DevSecOps, and workflow automation, providing a thorough understanding of securing multi-cloud environments. By the end of this book, you'll have honed the skills to make informed decisions and contribute effectively at every level, from strategic planning to day-to-day operations. What you will learn Find out how to deploy and onboard cloud accounts using CSPM tools Understand security posture aspects such as the dashboard, asset inventory, and risks Explore the Kusto Query Language (KQL) and write threat hunting queries Explore security recommendations and operational best practices Get to grips with vulnerability, patch, and compliance management, and governance Familiarize yourself with security alerts, monitoring, and workload protection best practices Manage IaC scan policies and learn how to handle exceptions Who this book is for If you're a cloud security administrator, security engineer, or DevSecOps engineer, you'll find this book useful every step of the way-from proof of concept to the secured, automated implementation of CSPM with proper auto-remediation configuration. This book will also help cybersecurity managers, security leads, and cloud security architects looking to explore the decision matrix and key requirements for choosing the right product. Cloud security enthusiasts who want to enhance their knowledge to bolster the security posture of multi-cloud infrastructure will also benefit from this book. Table of Contents Cloud Security Fundamentals Understanding CSPM and the Threat Landscape CSPM Tools and Features CSPM Tool Selection Deploying the CSPM Tool Onboarding Cloud Accounts Onboarding Containers Exploring Environment Settings Exploring Cloud Asset Inventory Dashboard Overview Major Configuration Risks Investigating Threats with Query Explorers and KQL (N.B. Please use the Look Inside option to see further chapters)

کتاب‌های مشابه

Mastering Cloud Security Posture Management (CSPM) : Secure Multi-cloud Infrastructure Across AWS, Azure, and Google Cloud Using Proven Techniques

Mastering Cloud Security Posture Management (CSPM) : Secure Multi-cloud Infrastructure Across AWS, Azure, and Google Cloud Using Proven Techniques

۴۹٬۰۰۰ تومان

Mastering Cloud Security Posture Management (CSPM) : Secure Multi-cloud Infrastructure Across AWS, Azure, and Google Cloud Using Proven Techniques

Mastering Cloud Security Posture Management (CSPM) : Secure Multi-cloud Infrastructure Across AWS, Azure, and Google Cloud Using Proven Techniques

۴۹٬۰۰۰ تومان

Multi-Cloud Administration Guide: Manage and Optimize Cloud Resources Across Azure, AWS, GCP, and Alibaba Cloud

Multi-Cloud Administration Guide: Manage and Optimize Cloud Resources Across Azure, AWS, GCP, and Alibaba Cloud

۴۹٬۰۰۰ تومان

Multi-Cloud Administration Guide: Manage and Optimize Cloud Resources Across Azure, AWS, GCP, and Alibaba Cloud

Multi-Cloud Administration Guide: Manage and Optimize Cloud Resources Across Azure, AWS, GCP, and Alibaba Cloud

۴۹٬۰۰۰ تومان

Mastering Multi-Cloud Paradigm for Enterprises: Transform Enterprise Infrastructure with Multi-Cloud Strategies Using Azure, AWS, and GCP for Optimizing Resources, Enhancing Security and Disaster Recovery (English Edition)

Mastering Multi-Cloud Paradigm for Enterprises: Transform Enterprise Infrastructure with Multi-Cloud Strategies Using Azure, AWS, and GCP for Optimizing Resources, Enhancing Security and Disaster Recovery (English Edition)

۴۹٬۰۰۰ تومان

Mastering Multi-Cloud Paradigm for Enterprises: Transform Enterprise Infrastructure with Multi-Cloud Strategies Using Azure, AWS, and GCP for Optimizing Resources, Enhancing Security and Disaster Recovery (English Edition)

Mastering Multi-Cloud Paradigm for Enterprises: Transform Enterprise Infrastructure with Multi-Cloud Strategies Using Azure, AWS, and GCP for Optimizing Resources, Enhancing Security and Disaster Recovery (English Edition)

۴۹٬۰۰۰ تومان

Azure Cloud Security for Absolute Beginners : Enabling Cloud Infrastructure Security with Multi-Level Security Options

Azure Cloud Security for Absolute Beginners : Enabling Cloud Infrastructure Security with Multi-Level Security Options

۴۹٬۰۰۰ تومان

Azure Cloud Security for Absolute Beginners : Enabling Cloud Infrastructure Security with Multi-Level Security Options

Azure Cloud Security for Absolute Beginners : Enabling Cloud Infrastructure Security with Multi-Level Security Options

۴۹٬۰۰۰ تومان

Multi-Cloud Administration Guide: Manage and optimize cloud resources across Azure, AWS, GCP, and Alibaba Cloud (English Edition)

Multi-Cloud Administration Guide: Manage and optimize cloud resources across Azure, AWS, GCP, and Alibaba Cloud (English Edition)

۴۹٬۰۰۰ تومان

Multi-Cloud Administration Guide: Manage and optimize cloud resources across Azure, AWS, GCP, and Alibaba Cloud (English Edition)

Multi-Cloud Administration Guide: Manage and optimize cloud resources across Azure, AWS, GCP, and Alibaba Cloud (English Edition)

۴۹٬۰۰۰ تومان

HashiCorp Infrastructure Automation Certification Guide: Pass the Terraform Associate exam and manage IaC to scale across AWS, Azure, and Google Cloud

HashiCorp Infrastructure Automation Certification Guide: Pass the Terraform Associate exam and manage IaC to scale across AWS, Azure, and Google Cloud

۴۹٬۰۰۰ تومان

HashiCorp Infrastructure Automation Certification Guide: Pass the Terraform Associate exam and manage IaC to scale across AWS, Azure, and Google Cloud

HashiCorp Infrastructure Automation Certification Guide: Pass the Terraform Associate exam and manage IaC to scale across AWS, Azure, and Google Cloud

۴۹٬۰۰۰ تومان

قیمت نهایی

۴۴٬۰۰۰ تومان