Overview

Apply the basics of security in serverless computing to new or existing projects. This hands-on guide provides practical examples and fundamentals. You will apply these fundamentals in all aspects of serverless computing: improving the code, securing the application, and protecting the infrastructure. You will come away having security knowledge that enables you to secure a project you are supporting and have technical conversations with cybersecurity personnel. At a time when there are many news stories on cybersecurity breaches, it is crucial to think about security in your applications. It is tempting to believe that having a third-party host the entire computing platform will increase security. This book shows you why cybersecurity is the responsibility of everyone working on the project. What You Will Learn Gain a deeper understanding of cybersecurity in serverless computing Know how to use free and opensource tools (such as the Node Package Manager, ESLint, and VSCode) to reduce vulnerabilities in your application code Assess potential threats from event triggers in your serverless functions Understand security best practices in serverless computing Develop an agnostic security architecture while reducing risk from vendor-specific infrastructure Who This Book Is For Developers or security engineers looking to expand their current knowledge of traditional cybersecurity into serverless computing projects. Individuals just beginning in serverless computing and cybersecurity can apply the concepts in this book in their projects.

Full Product Details

Author:   Miguel A. Calles
Publisher:   APress
Imprint:   APress
Edition:   1st ed.
Weight:   0.699kg
ISBN:  

9781484260999

ISBN 10:   1484260996
Pages:   347
Publication Date:   06 October 2020
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Paperback
Publisher's Status:   Active
Availability:   Manufactured on demand  
We will order this item for you from a manufactured on demand supplier.

Table of Contents

Introduction  Part I: The Need for Security   Chapter 1: Determining Scope Understanding the Application Scoping   Chapter 2: Performing a Risk Assessment Understanding the Threat Landscape Threat Modeling Preparing the Risk Assessment   Part II: Securing the Application   Chapter 3: Securing the Code Assessing Dependencies Using Static Code Analysis Tools Writing Unit Tests   Chapter 4: Securing the Interfaces Identifying the Interfaces Determining the Interface Inputs Reducing the Attack Surface   Chapter 5: Securing the Code Repository Using a Code Repository Limiting Saved Content   Part III: Securing the Infrastructure   Chapter 5: Restricting Permissions Understanding Permissions Identifying the Services Updating the Permissions   Chapter 6: Account Management Understanding Account Access Restricting Account Access Implementing Multi-Factor Authentication Using Secrets   Part IV: Monitoring and Alerting   Chapter 7: Monitoring Logs Understanding Logging Methods Reviewing Logs   Chapter 8: Monitoring Metrics Understanding Metrics Reviewing Metrics   Chapter 9: Monitoring Billing Understanding Billing Reviewing Billing   Chapter 10: Monitoring Security Events Understanding Security Events Reviewing Security Event   Chapter 10: Alerting Understanding Alerting Implementing Alerting   Chapter 11: Auditing Understanding Auditing Implementing Auditing   Part V: Security Assessment and Report   Chapter 12: Finalizing the Risk Assessment Scoring the Identified Risks Defining the Mitigation Steps Assessing the Business Impact Determining the Overall Security Risk Level

Reviews

Author Information

Miguel Calles is a freelance cybersecurity content writer. He has an information assurance certification, and works as an engineer on a serverless project. He started in cybersecurity in 2016 for a US government contract, and has been doing technical writing since 2007, and has worked in various engineering roles since 2004. Miguel started his interest in cybersecurity when he was in middle school and was trying to backward engineer websites.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions