Cloud Security - Quick Reference

Abstract

In this book we walk through threat modelling your Cloud environment. We break down and provide solid understanding of the shared responsibility model, that is: What are the CSPs responsibilities and what are your responsibilities as a consumer of the services that your chosen CSP offers. We provide a set of questions and possible answers to help you evaluate the most suitable CSP for your needs.

We discus the pros and cons of the Cloud vs In-house clouds, along with techniques for improving your understanding and implementation of the principle of least privilege in the Cloud.

Type
Publication
Self Hosted and LeanPub

The book also covers:

  • Techniques and tools for storing and accessing secrets in the Cloud securely
  • Risks and countermeasures of serverless offerings
  • Infrastructure and configuration management techniques and tools
  • An interview with Scott Piper (AWS security specialist)
  • Many other tips, tricks and tools

Cloud Security - Quick Reference

Please note that the entire content of this book is included in The Cloud chapter of Holistic InfoSec for Web Developers F1.


Errata (errors, typos, etc.)
Kim Carter
Kim Carter
Technologist / Engineer, Information Security Professional

Technologist / Engineer, Information Security Professional, Entrepreneur and the founder of BinaryMist Ltd and PurpleTeam-Labs. Ex OWASP NZ Chapter Leader of eight years. Certified Scrum Master. Facilitator, mentor and motivator of cross functional, self managing teams. With a solid 20 years of commercial industry experience across many domains.