Chris Binnie, Rory McCune

Cloud Native Security (eBook, PDF)

• Format: PDF

Produktbeschreibung

Explore the latest and most comprehensive guide to securing your Cloud Native technology stack Cloud Native Security delivers a detailed study into minimizing the attack surfaces found on today's Cloud Native infrastructure. Throughout the work hands-on examples walk through mitigating threats and the areas of concern that need to be addressed. The book contains the information that professionals need in order to build a diverse mix of the niche knowledge required to harden Cloud Native estates. The book begins with more accessible content about understanding Linux containers and container runtime protection before moving on to more advanced subject matter like advanced attacks on Kubernetes. You'll also learn about: * Installing and configuring multiple types of DevSecOps tooling in CI/CD pipelines * Building a forensic logging system that can provide exceptional levels of detail, suited to busy containerized estates * Securing the most popular container orchestrator, Kubernetes * Hardening cloud platforms and automating security enforcement in the cloud using sophisticated policies Perfect for DevOps engineers, platform engineers, security professionals and students, Cloud Native Security will earn a place in the libraries of all professionals who wish to improve their understanding of modern security challenges.

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: John Wiley & Sons
• Seitenzahl: 336
• Erscheinungstermin: 17. Juni 2021
• Englisch
• ISBN-13: 9781119824534
• Artikelnr.: 62154866

Autorenporträt

CHRIS BINNIE is a Technical Consultant who has worked for almost 25 years with critical Linux systems in banking and government, both on-premise and in the cloud. He has written two Linux books, has written for Linux and ADMIN magazines and has five years of experience in DevOps security consultancy roles. RORY MCCUNE has over 20 years of experience in the Information and IT security arenas. His professional focus is on container, cloud, and application security and he is an author of the CIS Benchmarks for Docker and Kubernetes and has authored and delivered container security training at conferences around the world.

Inhaltsangabe

Introduction xix

Part I Container and Orchestrator Security 1

Chapter 1 What is a Container? 3

Common Misconceptions 4

Container Components 6

Kernel Capabilities 7

Other Containers 13

Summary 14

Chapter 2 Rootless Runtimes 17

Docker Rootless Mode 18

Installing Rootless Mode 20

Running Rootless Podman 25

Setting Up Podman 26

Summary 31

Chapter 3 Container Runtime Protection 33

Running Falco 34

Configuring Rules 38

Changing Rules 39

Macros 41

Lists 41

Getting Your Priorities Right 41

Tagging Rulesets 42

Outputting Alerts 42

Summary 43

Chapter 4 Forensic Logging 45

Things to Consider 46

Salient Files 47

Breaking the Rules 49

Key Commands 52

The Rules 52

Parsing Rules 54

Monitoring 58

Ordering and Performance 62

Summary 63

Chapter 5 Kubernetes Vulnerabilities 65

Mini Kubernetes 66

Options for Using kube-hunter 68

Deployment Methods 68

Scanning Approaches 69

Hunting Modes 69

Container Deployment 70

Inside Cluster Tests 71

Minikube vs. kube-hunter 74

Getting a List of Tests 76

Summary 77

Chapter 6 Container Image CVEs 79

Understanding CVEs 80

Trivy 82

Getting Started 83

Exploring Anchore 88

Clair 96

Secure Registries 97

Summary 101

Part II DevSecOps Tooling 103

Chapter 7 Baseline Scanning (or, Zap Your Apps) 105

Where to Find ZAP 106

Baseline Scanning 107

Scanning Nmap's Host 113

Adding Regular Expressions 114

Summary 116

Chapter 8 Codifying Security 117

Security Tooling 117

Installation 118

Simple Tests 122

Example Attack Files 124

Summary 127

Chapter 9 Kubernetes Compliance 129

Mini Kubernetes 130

Using kube-bench 133

Troubleshooting 138

Automation 139

Summary 140

Chapter 10 Securing Your Git Repositories 141

Things to Consider 142

Installing and Running Gitleaks 144

Installing and Running GitRob 149

Summary 151

Chapter 11 Automated Host Security 153

Machine Images 155

Idempotency 156

Secure Shell Example 158

Kernel Changes 162

Summary 163

Chapter 12 Server Scanning With Nikto 165

Things to Consider 165

Installation 166

Scanning a Second Host 170

Running Options 171

Command-Line Options 172

Evasion Techniques 172

The Main Nikto Configuration File 175

Summary 176

Part III Cloud Security 177

Chapter 13 Monitoring Cloud Operations 179

Host Dashboarding with NetData 180

Installing Netdata 180

Host Installation 180

Container Installation 183

Collectors 186

Uninstalling Host Packages 186

Cloud Platform Interrogation with Komiser 186

Installation Options 190

Summary 191

Chapter 14 Cloud Guardianship 193

Installing Cloud Custodian 193

Wrapper Installation 194

Python Installation 195

EC2 Interaction 196

More Complex Policies 201

IAM Policies 202
&