Cloud Security - Quick Reference

Kim Carter
April 2018
Purchase Book Kim's Other Books Workshop Podcast Blog Post

Abstract

In this book we walk through threat modelling your Cloud environment. We break down and provide solid understanding of the shared responsibility model, that is: What are the CSPs responsibilities and what are your responsibilities as a consumer of the services that your chosen CSP offers. We provide a set of questions and possible answers to help you evaluate the most suitable CSP for your needs.

We discus the pros and cons of the Cloud vs In-house clouds, along with techniques for improving your understanding and implementation of the principle of least privilege in the Cloud.

Type
Book
Publication
Self Hosted and LeanPub

The book also covers:

  • Techniques and tools for storing and accessing secrets in the Cloud securely
  • Risks and countermeasures of serverless offerings
  • Infrastructure and configuration management techniques and tools
  • An interview with Scott Piper (AWS security specialist)
  • Many other tips, tricks and tools

Cloud Security - Quick Reference

Please note that the entire content of this book is included in The Cloud chapter of Holistic InfoSec for Web Developers F1.


Errata (errors, typos, etc.)
publication book application-security cloud cloud-security cybersecurity dev-ops dev-sec-ops information-security infosec networking network-security security security-weaknesses serverless software-security
Kim Carter
Kim Carter
Technologist / Engineer, Information Security Professional

Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.