Identity-Native Infrastructure Access Management: Preventing Breaches by Eliminating Secrets and Adopting Zero Trust (Paperback)
暫譯: 身份原生基礎設施存取管理:透過消除秘密與採用零信任來防止違規 (平裝本)
Kontsevoy, Ev, Shah, Sakshyam, Conrad, Peter
買這商品的人也買了...
-
Arduino 官方正版 Genuino 101$1,700$1,700 -
打開量化投資的黑箱, 2/e (Inside the Black Box: A Simple Guide to Quantitative and High Frequency Trading, 2/e)$414$393 -
Raspberry Pi 3 Model B+ (UK製)$4,620$4,389 -
晉昇軟體最高殿堂:Jenkins2 持續整合大師之路$600$474 -
Deep Learning with JavaScript: Neural Networks in Tensorflow.Js$1,650$1,568 -
JavaScript 技術手冊$560$442 -
Building a Future-Proof Cloud Infrastructure: A Unified Architecture for Network, Security and Storage Services (Paperback)$1,998$1,898 -
Microservices Security in Action$1,980$1,881 -
$1,038BPF 之巔:洞悉 Linux 系統和應用性能 (BPF Performance Tools) -
$2,070Multithreaded JavaScript: Concurrency Beyond the Event Loop -
Multicore and GPU Programming: An Integrated Approach, 2/e (美國原版)$4,180$3,971 -
性能之巔:系統、企業與雲可觀測性, 2/e$1,428$1,357 -
計算機系統開發與優化實戰$659$626 -
Engineering Manager's Handbook: An insider's guide to managing software development and engineering teams$1,570$1,492 -
C++ Programming for Linux Systems: Create robust enterprise software for Linux and Unix-based operating systems (Paperback)$1,880$1,786 -
Programming Your GPU with OpenMP: Performance Portability for GPUs (Paperback)$2,800$2,660 -
$1,710Distributed Systems (Paperback) -
建立演進式系統架構|支援常態性的變更, 2/e (Building Evolutionary Architectures: Automated Software Governance, 2/e)$580$458 -
$301基於近鄰思想和同步模型的聚類算法 -
OpenTelemetry 入門指南:建立全面可觀測性架構(iThome鐵人賽系列書)【軟精裝】$750$375 -
$2,242Defensive Security Handbook: Best Practices for Securing Infrastructure (Paperback) -
C++ 之美:代碼簡潔、安全又跑得快的 30個要訣 (Beautiful C++: 30 Core Guidelines for Writing Clean, Safe, and Fast Code)$654$621 -
$2,043Learning Systems Thinking: Essential Nonlinear Skills and Practices for Software Professionals (Paperback) -
Collaborative Software Design: How to Facilitate Domain Modeling Decisions$1,890$1,796 -
可觀測性入門指南:Logs、Metrics、Traces 三大實戰應用,用 24個 Lab 鞏固你的 SRE 技能樹 (iThome鐵人賽系列書)$680$530
相關主題
商品描述
Traditional secret-based credentials can't scale to meet the complexity and size of cloud and on-premises infrastructure. Today's applications are spread across a diverse range of clouds and colocation facilities, as well as on-prem data centers. Each layer of this modern stack has its own attack vectors and protocols to consider.
How can you secure access to diverse infrastructure components, from bare metal to ephemeral containers, consistently and simply? In this practical book, authors Ev Kontsevoy, Sakshyam Shah, and Peter Conrad break this topic down into manageable pieces. You'll discover how different parts of the approach fit together in a way that enables engineering teams to build more secure applications without slowing down productivity.
With this book, you'll learn:
- The four pillars of access: connectivity, authentication, authorization, and audit
- Why every attack follows the same pattern, and how to make this threat impossible
- How to implement identity-based access across your entire infrastructure with digital certificates
- Why it's time for secret-based credentials to go away
- How to securely connect to remote resources including servers, databases, K8s Pods, and internal applications such as Jenkins and GitLab
- Authentication and authorization methods for gaining access to and permission for using protected resources
商品描述(中文翻譯)
傳統的基於密碼的憑證無法擴展以滿足雲端和本地基礎設施的複雜性和規模。當今的應用程式分佈在各種雲端和共置設施,以及本地數據中心。這個現代技術堆疊的每一層都有其自身的攻擊向量和協議需要考慮。
如何能夠一致且簡單地保護對各種基礎設施組件的訪問,從裸金屬到短暫容器?在這本實用的書中,作者 Ev Kontsevoy、Sakshyam Shah 和 Peter Conrad 將這個主題分解為可管理的部分。您將發現這種方法的不同部分如何協同運作,使工程團隊能夠在不降低生產力的情況下構建更安全的應用程式。
通過這本書,您將學到:
- 訪問的四大支柱:連接性、身份驗證、授權和審計
- 為什麼每次攻擊都遵循相同的模式,以及如何使這種威脅變得不可能
- 如何使用數位憑證在整個基礎設施中實施基於身份的訪問
- 為什麼是時候讓基於密碼的憑證消失
- 如何安全地連接到遠端資源,包括伺服器、數據庫、K8s Pods,以及內部應用程式如 Jenkins 和 GitLab
- 獲取對受保護資源的訪問和使用許可的身份驗證和授權方法
