

Cloud Native Application Protection Platforms


Cloud Native Application Protection Platforms - Best offers
Cloud Native Application Protection Platforms - Description
Cloud native security isn't a game for individual players. It requires team collaboration with a platform that can help cloud security engineers, developers, and operations people do their best work. That's what the cloud native application protection platform (CNAPP) delivers. With this practical guide, you'll learn how CNAPPs can help you consolidate security through DevSecOps across cloud native technologies, practices, and application lifecycles.

Through real-life attack scenarios, authors Russ Miles, Steve Giguere, and Taylor Smith help you explore how CNAPP not only mitigates multidimensional threats, but also reduces complexity and helps your team stay one step ahead of attackers. CNAPP provides a holistic approach to your cloud native development across identities, workloads, networks, and infrastructure.

With this book, you will:
- Examine threats to different parts of the cloud native stack, including pipelines, supply chains, infrastructure, workloads, and applications
- Learn what CNAPP is and how it enables the context-sharing and collaboration necessary to secure your applications from development to runtime
- Assess your own attack surface from a code and runtime standpoint
- Identify blind spots in your existing cloud native security coverage
- Leverage CNAPP to achieve a holistic, collaborative security environment

Table of contents:
Preface
Who Should Read This Book
Why We Wrote This Book
Navigating This Book
What's Not in This Book
Important Terms
A Brief Cloud Native and CNAPP Primer
Cloud Native
DevOps, IaC, and Bears, Oh My!
Securing the Whole Deal Is Hard!
Enter the Cloud Native Application Protection Platform
Conventions Used in This Book
Using Code Examples
O'Reilly Online Learning
How to Contact Us
Acknowledgements
1. Cloud Security, the Collaborative Game
The Cloud Native Security Game
How a Play Is Made: The Anatomy of an Attack
Meet the Attackers: Actors and Vectors
The Attackers' Moves
Gaining initial access
Establishing the foothold
Escalating Privilege
Executing the attack
Broad, Deep, and Complex: The Cloud Native Security Game Board
First, a Pinch of Structure: The Cloud Native Stack
Second, a Smattering of Speed: Lifecycles
To Season, Add Some Open Source
Open Source: Easy Button for Growth, but at What Risk?
Your (Insecure) Dish Is Ready: From Shallow to Defense in Depth
The Attack Surface Is Broad
Your Team: Cloud Security, Operations Security, and Development Security
From Code to Cloud: Cloud Security Engineers + Security-Aware Developers + Security Operations
Your Team, Siloed
Working in silos
Tooling gaps
DevSecOps: Whoever Collaborates Best and Learns Fastest, Wins
Collaboration and Emergence
Who OODAs Best, Wins
Your CNAPP Enables Your Cloud Native Security OODA Loop
Losing Our Cloud Native Security Game
2. Playing to Win with Context and Collaboration
Surfacing and Observing Your Security
Observing Your System
Combining Observing with Security Advice
CNAPP Policies: From Observing to Orienting, Deciding, and Acting
Orient Through CNAPP Policy Pattern-Matching
Triggering Cross-Team Decisions and Actions
Acronyms, Assemble! Key Terms and Definitions
Back to Our Security Breach
Lost in Translation
Winning with Shared Security Context and Collaboration
3. A Shadow Cloud Emerges: Immediate Visibility, Maintaining Control
Notable by Its Absence
Characteristics of a Shadow Cloud
Cloud Security Posture
Surfacing Your Cloud of Curiosities
Observe: Identifying the Assets
Orient: Identifying Threats and Vulnerabilities
Decide: Analyzing, Categorizing, and Prioritizing the Risks
Act: Connecting Your CNAPP to the Action Through Integrations
Learn: New Problems, New Policies, New Controls, New Loops
Rinse and Repeat, Continuously
From Continuously Reacting, to Continuously Proacting
4. Preventing Risk Early
The Interface Between Security and Development Work
Comparing the Developer and Security Domain Languages
CNAPP as an Anti-Corruption Layer
Respecting the Goals of Effective Security and Development Teams
Team Interaction Modes
CNAPP as a Development Collaborator
Inspecting Your CNAPP Policies
Surfacing Security Where You Work
Security Awareness and Immediate Fixes in the IDE
When a PR Is Born
Checks and Balances in the Build
Scope, Feedback, and (Helpful) Blame
Automatically Updating Your Security Posture
5. Securing Your Supply Chain
Introducing Your Cloud Native Supply Chain
Your House of (Cards) Supply Chains
How Supply Chain Attacks Work
Rapid Release, Rapid Vulnerabilities
From Trust, through Fear and Suspicion, to Proactive Exploration and Resolution
Fear and Loathing in Dependencies
Making the Invisible Visible: CNAPP Software Composition Analysis
Building a Cloud Native SBOM (Software Bill of Materials)
Completing the SCA OODA Loop
From the Packages to the Packager
6. Continuous Delivery, Continuous Insecurity
CI/CD Pipelines: The Arteries of Production
The Purpose of a CI/CD Pipeline
Understanding CI/CD
Where Are My Risks?
Real-World Examples
Codecov
SolarWinds
CI/CD Under the Lens of your CNAPP
From Pipelines to Production
7. Protecting Your Runtime
Cloud Security Posture Management
Cloud Workload Protection Platforms
Cloud Infrastructure Entitlement Management
Runtime Security Requirements in a CNAPP
All for One and One for All Runtime Security
What's Under the Hood?
Agent-Based Security
Agentless Security
Better Together
What Is an Attack Path?
From Breadth and Depth to (Data) Depth
8. Data Security Posture Management
Introduction to DSPM
What Is Sensitive Data?
Personal information
Corporate and government information
The Evolution of Data Security in Cloud Environments
How Does DSPM Work?
Data Discovery
Data Classification
Establishment and Application of Security Policies
AI and DSPM Sittin' in a Tree
How Much Better Could It Have Been?
Equifax Breach (2017)
What happened
How DSPM could have helped
Marriott International (2018)
What happened
How DSPM could have helped
Capital One (2019)
What happened
How DSPM could have helped
DSPM Is a Platform Solution
Isn't an LLM Also Data?
Exposing the Heart of Our Problems: Data Theft and Data Laundering
9. Building a CNAPP Culture
From Slow Culture War to Fast Culture Collaboration
Gene Kim's Contributions
Insights from Team Topologies
Determining Root Causes
A CNAPP Is the Doctor
A CNAPP is Cost-Centric Security
Security Chaos Engineering
Disparate Tools Lead to Security Theater
Total cost of ownership (TCO)
How to avoid this scenario
A CNAPP Makes the (Security) Team Work
Index
Cloud Native Application Protection Platforms - Opinions and reviews
The list contains reviews that have been verified (confirmed by purchase) and are marked with the green Trusted Reviews badge. Unverified reviews do not carry this marking.