Mastering Cloud Security Posture Management (CSPM): Secure multi-cloud infrastructure across AWS, Azure, and Google Cloud using proven techniques

Nomani, Qamar

相關主題

商品描述

Strengthen your security posture in all aspects of CSPM technology, from security infrastructure design to implementation strategies, automation, and remedial actions using operational best practices across your cloud environment


Key Features:


  • Choose the right CSPM tool to rectify cloud security misconfigurations based on organizational requirements
  • Optimize your security posture with expert techniques for in-depth cloud security insights
  • Improve your security compliance score by adopting a secure-by-design approach and implementing security automation
  • Purchase of the print or Kindle book includes a free PDF eBook


Book Description:


This book will help you secure your cloud infrastructure confidently with cloud security posture management (CSPM) through expert guidance that'll enable you to implement CSPM effectively, ensuring an optimal security posture across multi-cloud infrastructures.


The book begins by unraveling the fundamentals of cloud security, debunking myths about the shared responsibility model, and introducing key concepts such as defense-in-depth, the Zero Trust model, and compliance. Next, you'll explore CSPM's core components, tools, selection criteria, deployment strategies, and environment settings, which will be followed by chapters on onboarding cloud accounts, dashboard customization, cloud assets inventory, configuration risks, and cyber threat hunting.


As you progress, you'll get to grips with operational practices, vulnerability and patch management, compliance benchmarks, and security alerts. You'll also gain insights into cloud workload protection platforms (CWPPs). The concluding chapters focus on Infrastructure as Code (IaC) scanning, DevSecOps, and workflow automation, providing a thorough understanding of securing multi-cloud environments.


By the end of this book, you'll have honed the skills to make informed decisions and contribute effectively at every level, from strategic planning to day-to-day operations.


What You Will Learn:


  • Find out how to deploy and onboard cloud accounts using CSPM tools
  • Understand security posture aspects such as the dashboard, asset inventory, and risks
  • Explore the Kusto Query Language (KQL) and write threat hunting queries
  • Explore security recommendations and operational best practices
  • Get to grips with vulnerability, patch, and compliance management, and governance
  • Familiarize yourself with security alerts, monitoring, and workload protection best practices
  • Manage IaC scan policies and learn how to handle exceptions


Who this book is for:


If you're a cloud security administrator, security engineer, or DevSecOps engineer, you'll find this book useful every step of the way-from proof of concept to the secured, automated implementation of CSPM with proper auto-remediation configuration. This book will also help cybersecurity managers, security leads, and cloud security architects looking to explore the decision matrix and key requirements for choosing the right product. Cloud security enthusiasts who want to enhance their knowledge to bolster the security posture of multi-cloud infrastructure will also benefit from this book.

商品描述(中文翻譯)

加強您在CSPM技術的各個方面的安全姿態,從安全基礎架構設計到實施策略、自動化和補救措施,使用操作最佳實踐來跨您的雲環境。

主要特點:
- 根據組織需求選擇合適的CSPM工具來糾正雲安全配置錯誤
- 通過專家技術優化您的安全姿態,獲得深入的雲安全洞察
- 通過採用安全設計方法和實施安全自動化來提高您的安全合規得分
- 購買印刷版或Kindle電子書將包括免費的PDF電子書

書籍描述:
本書將通過專家指導,幫助您自信地通過雲安全姿態管理(CSPM)來保護您的雲基礎架構,確保在多雲基礎架構上實現最佳安全姿態。

本書首先揭示了雲安全的基本原則,揭穿了關於共享責任模型的迷思,並介紹了深度防禦、零信任模型和合規性等關鍵概念。接下來,您將探索CSPM的核心組件、工具、選擇標準、部署策略和環境設置,然後是關於加入雲帳戶、儀表板自定義、雲資產清單、配置風險和網絡威脅狩獵的章節。

隨著您的進展,您將掌握操作實踐、漏洞和補丁管理、合規基準和安全警報。您還將獲得有關雲工作負載保護平台(CWPP)的見解。最後幾章專注於基礎架構即代碼(IaC)掃描、DevSecOps和工作流自動化,全面了解保護多雲環境的安全。

通過閱讀本書,您將磨練技能,從戰略規劃到日常運營,做出明智的決策並有效地貢獻。

學到的內容:
- 了解如何使用CSPM工具部署和加入雲帳戶
- 瞭解儀表板、資產清單和風險等安全姿態方面
- 探索Kusto查詢語言(KQL)並撰寫威脅狩獵查詢
- 探索安全建議和操作最佳實踐
- 熟悉漏洞、補丁和合規管理以及治理
- 掌握安全警報、監控和工作負載保護的最佳實踐
- 管理IaC掃描策略並學習如何處理異常情況

本書適合對象:
- 如果您是雲安全管理員、安全工程師或DevSecOps工程師,您將在每個步驟中找到本書的有用信息,從概念驗證到具有適當自動修復配置的安全自動化實施。本書還將幫助想要探索選擇合適產品的決策矩陣和關鍵要求的網絡安全經理、安全負責人和雲安全架構師。對於希望增強對多雲基礎架構安全姿態的知識的雲安全愛好者,本書也將帶來益處。