Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in Aws, Microsoft Azure, and Google Cloud

Calles, Miguel A.

買這商品的人也買了...

商品描述

Apply the basics of security in serverless computing to new or existing projects. This hands-on guide provides practical examples and fundamentals. You will apply these fundamentals in all aspects of serverless computing: improving the code, securing the application, and protecting the infrastructure. You will come away having security knowledge that enables you to secure a project you are supporting and have technical conversations with cybersecurity personnel.

 

At a time when there are many news stories on cybersecurity breaches, it is crucial to think about security in your applications. It is tempting to believe that having a third-party host the entire computing platform will increase security. This book shows you why cybersecurity is the responsibility of everyone working on the project.

 

What You Will Learn

 

  • Gain a deeper understanding of cybersecurity in serverless computing
  • Know how to use free and open source tools (such as the Node Package Manager, ESLint, and VSCode) to reduce vulnerabilities in your application code
  • Assess potential threats from event triggers in your serverless functions
  • Understand security best practices in serverless computing
  • Develop an agnostic security architecture while reducing risk from vendor-specific infrastructure

 

 

Who This Book Is For

Developers or security engineers looking to expand their current knowledge of traditional cybersecurity into serverless computing projects. Individuals just beginning in serverless computing and cybersecurity can apply the concepts in this book in their projects.

 

商品描述(中文翻譯)

應用於新的或現有專案中的無伺服器計算的基本安全性。這本實用指南提供了實際的例子和基礎知識。您將在無伺服器計算的各個方面應用這些基礎知識:改進代碼、保護應用程序和保護基礎設施。您將獲得安全性知識,使您能夠保護您支持的專案並與網絡安全人員進行技術對話。

在許多關於網絡安全漏洞的新聞報導出現的時候,思考應用程序的安全性至關重要。人們很容易相信,讓第三方托管整個計算平台將增加安全性。本書將向您展示為什麼網絡安全是每個參與專案的人的責任。

您將學到什麼:

- 深入了解無伺服器計算中的網絡安全
- 知道如何使用免費和開源工具(如Node Package Manager、ESLint和VSCode)來減少應用程序代碼中的漏洞
- 評估無伺服器函數中事件觸發器的潛在威脅
- 理解無伺服器計算中的安全最佳實踐
- 在減少特定供應商基礎設施風險的同時,開發一個不可知的安全架構

本書適合對傳統網絡安全有一定了解並希望將其擴展到無伺服器計算專案的開發人員或安全工程師。剛開始接觸無伺服器計算和網絡安全的個人也可以在他們的專案中應用本書中的概念。

作者簡介

Miguel Calles is a freelance cybersecurity content writer. He has an information assurance certification, and works as an engineer on a serverless project. He started in cybersecurity in 2016 for a US government contract, and has been doing technical writing since 2007, and has worked in various engineering roles since 2004. Miguel started his interest in cybersecurity when he was in middle school and was trying to backward engineer websites.

 

作者簡介(中文翻譯)

Miguel Calles 是一位自由職業的網路安全內容作家。他擁有資訊保證認證,並在一個無伺服器專案中擔任工程師。他於2016年開始從事網路安全工作,為美國政府合約工作。自2007年以來,他一直從事技術寫作,並在2004年以來擔任各種工程角色。Miguel在中學時期開始對網路安全產生興趣,並嘗試逆向工程網站。