DevSecOps for Azure: End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud
Author: David Okeyode (Author), Joylynn Kirui (Author)
Publisher finelybook 出版社: Packt Publishing
Publication Date 出版日期: 2024-08-28
Language 语言: English
Print Length 页数: 342 pages
ISBN-10: 1837631115
ISBN-13: 9781837631117
Book Description
Gain holistic insights and practical expertise in embedding security within the DevOps pipeline, specifically tailored for Azure cloud environments
Key Features
- Learn how to integrate security into Azure DevOps workflows for cloud infrastructure
- Find out how to integrate secure practices across all phases of the Azure DevOps workflow, from planning to monitoring
- Harden the entire DevOps workflow, from planning and coding to source control, CI, and cloud workload deployment
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description
Businesses must prioritize security, especially when working in the constantly evolving Azure cloud. However, many organizations struggle to maintain security and compliance. Attackers are increasingly targeting software development processes, making software supply chain security crucial. This includes source control systems, build systems, CI/CD platforms, and various artifacts. With the help of this book, you’ll be able to enhance security and compliance in Azure software development processes.
Starting with an overview of DevOps and its relationship with Agile methodologies and cloud computing, you’ll gain a solid foundation in DevSecOps principles. The book then delves into the security challenges specific to DevOps workflows and how to address them effectively. You’ll learn how to implement security measures in the planning phase, including threat modeling and secure coding practices. You’ll also explore pre-commit security controls, source control security, and the integration of various security tools in the build and test phases. The book covers crucial aspects of securing the release and deploy phases, focusing on artifact integrity, infrastructure as code security, and runtime protection.
By the end of this book, you’ll have the knowledge and skills to implement a secure code-to-cloud process for the Azure cloud.
What you will learn
- Understand the relationship between Agile, DevOps, and the cloud
- Secure the use of containers in a CI/CD workflow
- Implement a continuous and automated threat modeling process
- Secure development toolchains such as GitHub Codespaces, Microsoft Dev Box, and GitHub
- Integrate continuous security throughout the code development workflow, pre-source and post-source control contribution
- Integrate SCA, SAST, and secret scanning into the build process to ensure code safety
- Implement security in release and deploy phases for artifact and environment compliance
Who this book is for
This book is for security professionals and developers transitioning to a public cloud environment or moving towards a DevSecOps paradigm. It’s also designed for DevOps engineers, or anyone looking to master the implementation of DevSecOps in a practical manner. Individuals who want to understand how to integrate security checks, testing, and other controls into Azure cloud continuous delivery pipelines will also find this book invaluable. Prior knowledge of DevOps principles and practices, as well as an understanding of security fundamentals will be beneficial.
Table of Contents
- Agile, DevOps, and Azure Overview
- Security Challenges of the DevOps Workflow
- Implementing Security in the Plan Phase of DevOps
- Implementing Pre-commit Security Controls
- Implementing Source Control Security
- Implementing Security in the Build Phase of DevOps
- Implementing Security in the Test and Release Phases of DevOps
- Continuous Security Monitoring on Azure
About the Author
David Okeyode is the EMEA chief technology officer for Azure at Palo Alto Networks. Before that, he was an independent consultant helping companies secure their Azure environments through private expert-level training and assessments. He has authored three books on Azure security – Penetration Testing Azure for Ethical Hackers, Microsoft Azure Security Technologies Certification and Beyond, and Designing and Implementing Microsoft Azure Networking Solutions. He has also authored multiple cloud computing courses for the popular training platform LinkedIn Learning. He holds over 15 cloud certifications across Azure and AWS platforms, including the Azure Security Engineer, Azure DevOps, and AWS Security Specialist certifications. David is married to a lovely girl who makes the best banana cake in the world. They love traveling the world together!
Joylynn Kirui is a senior cloud security advocate at Microsoft. She focuses on DevSecOps on GitHub and Azure, which includes application security. She is an infosec evangelist who believes in empowering developers and users in general on security best practices. She has vast experience in web and mobile app security testing, DevSecOps, and GSM security, having previously worked in the telco industry. She has a passion for mentorship and training students and empowering them. She has spoken at several conferences, where she shares her knowledge in cybersecurity and software development. She was among the Top 50 Women in Cyber Security Africa 2020 finalists, Woman Hacker of the Year Africa 2020 finalists, and Young CISO Vanguard 2022, among others. When not hacking, she enjoys farming, traveling, and adrenaline-filled activities.
相关文件下载地址
相关推荐
- Zabbix 7 IT Infrastructure Monitoring Cookbook: Explore the new features of Zabbix 7 for designing, building, and maintaining your Zabbix setup, 3rd Edition
- Mastering DevOps on Microsoft Power Platform: Build, deploy, and secure low-code solutions on Power Platform using Azure DevOps and GitHub
- Microsoft Unified XDR and SIEM Solution Handbook: Modernize and build a unified SOC platform for future-proof security
- Microsoft Dynamics 365 AI for Business Insights: Transform your business processes with the practical implementation of Dynamics 365 AI modules
- VMware Cloud on AWS Blueprint: Design, automate, and migrate VMware workloads on AWS global infrastructure
- DevOps Unleashed with Git and GitHub: Automate, collaborate, and innovate to enhance your DevOps workflow and development experience