DevSecOps for .NET Core (eBook, PDF) - Zeeshan, Afzaal Ahmad
35,95 €
35,95 €
inkl. MwSt.
Sofort per Download lieferbar
18 °P sammeln
35,95 €
35,95 €
inkl. MwSt.
Sofort per Download lieferbar

Alle Infos zum eBook verschenken
18 °P sammeln
Als Download kaufen
35,95 €
inkl. MwSt.
Sofort per Download lieferbar
18 °P sammeln
Jetzt verschenken
35,95 €
inkl. MwSt.
Sofort per Download lieferbar

Alle Infos zum eBook verschenken
18 °P sammeln
  • Format: PDF


Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and toolkits that will help you to incorporate automation, security, and compliance.
The book starts with an outline of modern software engineering principles and gives you an overview of DevOps in .NET Core. It further explains automation in DevOps for product development along with security
…mehr

Produktbeschreibung
Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and toolkits that will help you to incorporate automation, security, and compliance.

The book starts with an outline of modern software engineering principles and gives you an overview of DevOps in .NET Core. It further explains automation in DevOps for product development along with security principles to improve product quality. Next, you will learn how to improve your product quality and avoid code issues such as SQL injection prevention, cross-site scripting, and many more. Moving forward, you will go through the steps necessary to make security, compliance, audit, and UX automated to increase the efficiency of your organization. You'll see demonstrations of the CI phase of DevOps, on-premise and hosted, along with code analysis methods to verify product quality. Finally, you will learn network security in Docker and containers followed by compliance and security standards.

After reading DevSecOps for .NET Core, you will be able to understand how automation, security, and compliance works in all the stages of the DevOps pipeline while showcasing real-world examples of solutions developed and deployed using .NET Core 3.

What You Will Learn
  • Implement security for the .NET Core runtime for cross-functional workloads
  • Work with code style and review guidelines to improve the security, performance, and maintenance of components
  • Add to DevOps pipelines to scan code for security vulnerabilities
  • Deploy software on a secure infrastructure, on Docker, Kubernetes, and cloud environments
  • Who This Book Is For
    Software engineers and developers who develop and maintain a secure code repository.

    Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

    • Produktdetails
    • Verlag: Springer-Verlag GmbH
    • Seitenzahl: 284
    • Erscheinungstermin: 30. Mai 2020
    • Englisch
    • ISBN-13: 9781484258507
    • Artikelnr.: 59566931
    Autorenporträt
    Afzaal Ahmad Zeeshan is a software engineer based in Rabwah, Pakistan, and likes .NET Core for regular day development. He has experience with cloud, mobile, and API development. Afzaal Ahmad has experience with the Azure platform and likes to build cross-platform libraries/software with .NET Core. He has been awarded MVP Award by Alibaba Cloud for cloud expertise and has been recognized as a Microsoft MVP for his work in the field of software development twice, four times as a CodeProject MVP for technical writing and mentoring, and four times as a C# Corner MVP in the same field.
    Inhaltsangabe
    Chapter 1: Modern Software Engineering

    Chapter Goal: This chapter will outline the modern software engineering principles and introduce DevOps as well as requirements and responsibilities of a software engineering team to publish quality software.

    No of pages 20

    Sub -Topics

    1. Software Design

    2. Solutions on the Internet

    3. Multicultural Customers

    4. Changing Market

    5. Security and Compliance Requirements

    Chapter 2: DevOps with Security

    Chapter Goal: This is a practical topic and discusses DevOps pipelines as a mode of automation for software production and outlines important tasks in DevOps where automation can inject security principles to improve product quality.

    No of pages: 20-25

    Sub - Topics

    1. DevOps in a Nutshell

    2. Securing Software

    3. Quality Assurance

    4. Pre-commit testing

    5. HTTP vs SSH

    Chapter 3: Writing Secure Code

    Chapter Goal: This chapter discusses the development phase of DevOps pipeline and outlines how to improve software quality and decrease friction in later stages by preventing known vulnerabilities and code flaws before hand. During this chapter we will explore code issues such as SQL Injection prevention, Cross-site scripting, and other similar issues.

    No of pages : 45

    Sub - Topics:

    1. Write Less, Write Secure

    2. Developer Training

    3. Runtime Selection and Configuration

    4. Microservices: Separation of Concerns

    5. Authentication in Services

    Chapter 4: Automating Everything as Code

    Chapter Goal: We discuss the steps necessary to make security, compliance, audit, and UX automated to decrease decoupling and friction in the departments, and introduce key factors that help improve build and hosting environments, which will be discussed in detail in later chapter.

    No of pages:40-45

    Sub - Topics:

    1. Version Control and Audit

    2. Hosted Code Storage

    3. Infrastructure as Code

    4. Automating Security

    5. Compliance and Policies

    6. Risk and Bugs Analysis

    Chapter 5: Securing Build Systems for DevOps

    Chapter Goal: In this chapter we demonstrate the CI phase of DevOps and utilize our build systems; hosted and on-premises, to apply security and compliance checks throughout the task, we apply code analysis methods to verify quality of product and discusses different approaches to host package archives for deployment.

    No of pages: 45

    1. On-Premises vs Hosted CI/CD

    2. Code Analysis Methods

    3. Archive Caching and Hashing

    4. Automated Deployments

    Chapter 6: Automating Production Environments for Quality

    Chapter Goal: This chapter focuses on production hosting environments and their security, such as container and host platform security, network ports scanning, firewall and application gateways to prevent unauthorized access. We also explore how to extract sensitive information out of source code and configuration files using external services to improve privacy.

    No of pages: 40

    1. Host Platforms

    2. Docker and Containers

    3. Network Security

    4. Configuration and Credentials

    5. System Failure and Post-mortems

    6. Infrastructure Rollbacks

    Chapter 7: Compliance and Security

    Chapter Goal: This chapter enlists international standards and their requirements by a software product, such as GDPR, and how teams can tackle these in their products using automated audits.

    No of pages: 15

    1. Audit

    2. GDPR Requirements

    3. DevOps Audit Toolkit

    4. Automated Issue Tracking