DevSecOps for Azure: End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud
Okeyode, David, Kirui, Joylynn, Hanselman, Scott
- 出版商: Packt Publishing
- 出版日期: 2024-08-28
- 售價: $1,840
- 貴賓價: 9.5 折 $1,748
- 語言: 英文
- 頁數: 342
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1837631115
- ISBN-13: 9781837631117
-
相關分類:
DevOps、Version Control、Microsoft Azure、資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
Gain holistic insights and practical expertise in embedding security within the DevOps pipeline, specifically tailored for Azure cloud environments
Key Features:
- Learn how to integrate security into Azure DevOps workflows for cloud infrastructure
- Find out how to integrate secure practices across all phases of the Azure DevOps workflow, from planning to monitoring
- Harden the entire DevOps workflow, from planning and coding to source control, CI, and cloud workload deployment
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description:
Businesses must prioritize security, especially when working in the constantly evolving Azure cloud. However, many organizations struggle to maintain security and compliance. Attackers are increasingly targeting software development processes, making software supply chain security crucial. This includes source control systems, build systems, CI/CD platforms, and various artifacts. With the help of this book, you'll be able to enhance security and compliance in Azure software development processes.
Starting with an overview of DevOps and its relationship with Agile methodologies and cloud computing, you'll gain a solid foundation in DevSecOps principles. The book then delves into the security challenges specific to DevOps workflows and how to address them effectively. You'll learn how to implement security measures in the planning phase, including threat modeling and secure coding practices. You'll also explore pre-commit security controls, source control security, and the integration of various security tools in the build and test phases. The book covers crucial aspects of securing the release and deploy phases, focusing on artifact integrity, infrastructure as code security, and runtime protection.
By the end of this book, you'll have the knowledge and skills to implement a secure code-to-cloud process for the Azure cloud.
What You Will Learn:
- Understand the relationship between Agile, DevOps, and the cloud
- Secure the use of containers in a CI/CD workflow
- Implement a continuous and automated threat modeling process
- Secure development toolchains such as GitHub Codespaces, Microsoft Dev Box, and GitHub
- Integrate continuous security throughout the code development workflow, pre-source and post-source control contribution
- Integrate SCA, SAST, and secret scanning into the build process to ensure code safety
- Implement security in release and deploy phases for artifact and environment compliance
Who this book is for:
This book is for security professionals and developers transitioning to a public cloud environment or moving towards a DevSecOps paradigm. It's also designed for DevOps engineers, or anyone looking to master the implementation of DevSecOps in a practical manner. Individuals who want to understand how to integrate security checks, testing, and other controls into Azure cloud continuous delivery pipelines will also find this book invaluable. Prior knowledge of DevOps principles and practices, as well as an understanding of security fundamentals will be beneficial.
Table of Contents
- Agile, DevOps, and Azure Overview
- Security Challenges of the DevOps Workflow
- Implementing Security in the Plan Phase of DevOps
- Implementing Pre-commit Security Controls
- Implementing Source Control Security
- Implementing Security in the Build Phase of DevOps
- Implementing Security in the Test and Release Phases of DevOps
- Continuous Security Monitoring on Azure
商品描述(中文翻譯)
獲得全面的見解和實用的專業知識,將安全性嵌入 DevOps 流程中,特別針對 Azure 雲端環境量身打造
主要特點:
- 學習如何將安全性整合到 Azure DevOps 工作流程中,以保護雲端基礎設施
- 瞭解如何在 Azure DevOps 工作流程的所有階段中整合安全實踐,從規劃到監控
- 強化整個 DevOps 工作流程,從規劃和編碼到版本控制、持續整合 (CI) 和雲端工作負載部署
- 購買印刷版或 Kindle 版書籍可獲得免費 PDF 電子書
書籍描述:
企業必須優先考慮安全性,尤其是在不斷演變的 Azure 雲端中。然而,許多組織在維持安全性和合規性方面面臨挑戰。攻擊者越來越多地針對軟體開發過程,這使得軟體供應鏈安全變得至關重要。這包括版本控制系統、建置系統、CI/CD 平台和各種工件。藉助本書,您將能夠增強 Azure 軟體開發過程中的安全性和合規性。
本書從 DevOps 的概述及其與 Agile 方法論和雲端運算的關係開始,讓您對 DevSecOps 原則有堅實的基礎。接著,本書深入探討 DevOps 工作流程中特有的安全挑戰以及如何有效應對這些挑戰。您將學習如何在規劃階段實施安全措施,包括威脅建模和安全編碼實踐。您還將探索預提交安全控制、版本控制安全以及在建置和測試階段整合各種安全工具。本書涵蓋了保護發佈和部署階段的關鍵方面,重點在於工件完整性、基礎設施即代碼安全和運行時保護。
在本書結束時,您將具備在 Azure 雲端中實施安全的代碼到雲端過程的知識和技能。
您將學到的內容:
- 理解 Agile、DevOps 和雲端之間的關係
- 在 CI/CD 工作流程中確保容器的安全使用
- 實施持續和自動化的威脅建模過程
- 確保開發工具鏈的安全,如 GitHub Codespaces、Microsoft Dev Box 和 GitHub
- 在代碼開發工作流程中整合持續安全,涵蓋預源和後源控制貢獻
- 將 SCA、SAST 和秘密掃描整合到建置過程中,以確保代碼安全
- 在發佈和部署階段實施安全,以確保工件和環境的合規性
本書適合對象:
本書適合安全專業人士和轉向公共雲環境或朝向 DevSecOps 範式的開發人員。它也設計給 DevOps 工程師,或任何希望以實用方式掌握 DevSecOps 實施的人士。希望了解如何將安全檢查、測試和其他控制整合到 Azure 雲端持續交付管道中的個人也會發現本書非常有價值。具備 DevOps 原則和實踐的先前知識,以及對安全基本原則的理解將是有益的。
目錄:
- Agile、DevOps 和 Azure 概述
- DevOps 工作流程的安全挑戰
- 在 DevOps 的規劃階段實施安全
- 實施預提交安全控制
- 實施版本控制安全
- 在 DevOps 的建置階段實施安全
- 在 DevOps 的測試和發佈階段實施安全
- 在 Azure 上進行持續安全監控