Cloud Native Application Protection Platforms: A Guide to CNAPPs and the Foundations of Comprehensive Cloud Security
by 作者: Russ Miles (Author), Stephen Giguere (Author), Taylor Smith (Author)
Publisher Finelybook 出版社: O’Reilly Media
Edition 版本: 1st
Publication Date 出版日期: 2024-10-22
Language 语言: English
Pages 页数: 204 pages
ISBN-10 书号: 1098141709
ISBN-13 书号: 9781098141707
Book Description
Cloud native security isn’t a game for individual players. It requires team collaboration with a platform that can help cloud security engineers, developers, and operations people do their best work. That’s what the cloud native application protection platform (CNAPP) delivers. With this practical guide, you’ll learn how CNAPPs can help you consolidate security through DevSecOps across cloud native technologies, practices, and application lifecycles.
Through real-life attack scenarios, authors Russ Miles, Steve Giguere, and Taylor Smith help you explore how CNAPP not only mitigates multidimensional threats, but also reduces complexity and helps your team stay one step ahead of attackers. CNAPP provides a holistic approach to your cloud native development across identities, workloads, networks, and infrastructure.
With this book, you will:
- Examine threats to different parts of the cloud native stack, including pipelines, supply chains, infrastructure, workloads, and applications
- Learn what CNAPP is and how it enables the context-sharing and collaboration necessary to secure your applications from development to runtime
- Assess your own attack surface from a code and runtime standpoint
- Identify blind spots in your existing cloud native security coverage
- Leverage CNAPP to achieve a holistic, collaborative security environment
About the Author
Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school Unix system. He changed all the passwords to “peaches” (his friend’s dog’s name). But that was a long time ago.
Since then he has experienced a wide breadth of technologies throughout a career in the aero, telecoms and automotive industries improving quality, safety, velocity and efficiency.
Currently, he is enjoying life as a Cloud Security Advocate, specialising in Cloud and Infrastructure Security Automation. Prior to this, he was a Solution Architect for several cybersecurity companies, specialising in container and Kubernetes security and establishing DevSecOps best practices for enterprise CI/CD pipelines.
He also is an avid podcaster with personal podcasts Codifyre and CoSeCast. He co-runs the DevSecOps London Gathering meet-up. In his spare time, he plays the guitar and represents Great Britain playing Ultimate Frisbee!
Taylor Smith is a principal product manager at Palo Alto Networks specializing in Cloud Application Security. He is passionate about building products users love, DevSecOps principals, and making technical topics more accessible to broader audiences. Prior to joining Palo Alto Networks, Taylor held product and strategy roles at NetApp, Cisco, and Gremlin. When not behind a keyboard, he can be found outside swimming or hiking with his family.
