Learn Kubernetes Security: Securely orchestrate, scale, and manage your microservices in Kubernetes deployments
暫譯: 學習 Kubernetes 安全性:安全地編排、擴展和管理您的微服務於 Kubernetes 部署中
Huang, Kaizhe, Jumde, Pranjal
- 出版商: Packt Publishing
- 出版日期: 2020-07-09
- 售價: $1,200
- 貴賓價: 9.5 折 $1,140
- 語言: 英文
- 頁數: 330
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1839216506
- ISBN-13: 9781839216503
-
相關分類:
Kubernetes、Microservices 微服務、SOA、資訊安全
立即出貨 (庫存=1)
買這商品的人也買了...
-
$352低功耗藍牙開發權威指南 -
使用者故事對照 (User Story Mapping: Discover the Whole Story, Build the Right Product)$580$458 -
打動人心的產品設計|頂尖設計師打造成功產品的黃金法則 (Designing Products People Love: How Great Designers Create Successful Products)$580$458 -
3天搞懂財經資訊:看懂財經新聞、企業財報不求人,找出年年下蛋的金雞母!$300$255 -
3天搞懂基金買賣:3000元起,累積你的第一桶金 (最新增訂版)$300$237 -
$500汽車黑客大曝光 (The Car Hacker's Handbook:A Guide for the Penetration Tester) -
3天搞懂資產配置:存富、創富、守富、傳富,四步驟靈活規劃財富藍圖,投資理財一把罩!$300$255 -
$454黑客大曝光:工業控制系統安全 (Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions) -
3天搞懂 ETF 投資:跨市跨境高CP值,讓你繞著地球轉N圈!$300$255 -
MIS 一定要懂的 82個伺服器建置與管理知識$420$332 -
領域驅動設計:軟體核心複雜度的解決方法 (Domain-Driven Design: Tackling Complexity in the Heart of Software)$680$578 -
圖解資訊安全與個資保護|網路時代人人要懂的自保術$380$300 -
區塊鏈的商業應用成功實例|企業轉型x創新x營收成長 (Blockchain for Business)$380$266 -
史上最完整細節:Kubernetes 超應用全書$980$774 -
$1,742Microservices Security in Action -
Go語言高併發與微服務實戰$534$507 -
深入淺出 Go (Head First Go)$880$695 -
$1,010CISSP 權威指南, 8/e (CISSP All-in-One Exam Guide, 8/e) -
無卡無現金時代:網路支付業務規劃設計及實作$690$545 -
$505DevSecOps 實戰 -
The Hacker Playbook 3 中文版:滲透測試實戰 (紅隊版)$650$507 -
CYBERSEC 2022 臺灣資安年鑑 ─ 零信任資安時代來臨:信任邊界徹底瓦解,安全需源自反覆驗證$179$161
商品描述
Kubernetes is an open source orchestration platform for managing containerized applications. Despite widespread adoption of the technology, DevOps engineers might be unaware of the pitfalls of containerized environments. With this comprehensive book, you'll learn how to use the different security integrations available on the Kubernetes platform to safeguard your deployments in a variety of scenarios.
Learn Kubernetes Security starts by taking you through the Kubernetes architecture and the networking model. You'll then learn about the Kubernetes threat model and get to grips with securing clusters. Throughout the book, you'll cover various security aspects such as authentication, authorization, image scanning, and resource monitoring. As you advance, you'll learn about securing cluster components (the kube-apiserver, CoreDNS, and kubelet) and pods (hardening image, security context, and PodSecurityPolicy). With the help of hands-on examples, you'll also learn how to use open source tools such as Anchore, Prometheus, OPA, and Falco to protect your deployments.
By the end of this Kubernetes book, you'll have gained a solid understanding of container security and be able to protect your clusters from cyberattacks and mitigate cybersecurity threats.
商品描述(中文翻譯)
Kubernetes 是一個開源的容器編排平台,用於管理容器化應用程式。儘管這項技術已被廣泛採用,但 DevOps 工程師可能對容器化環境的陷阱並不熟悉。通過這本全面的書籍,您將學習如何使用 Kubernetes 平台上可用的不同安全整合來保護您的部署,應對各種情境。
《學習 Kubernetes 安全》首先將帶您了解 Kubernetes 的架構和網路模型。接著,您將學習 Kubernetes 的威脅模型,並掌握如何保護叢集。在整本書中,您將涵蓋各種安全方面,例如身份驗證、授權、映像掃描和資源監控。隨著進度的推進,您將學習如何保護叢集組件(kube-apiserver、CoreDNS 和 kubelet)和 Pods(加固映像、安全上下文和 PodSecurityPolicy)。藉助實作範例,您還將學習如何使用開源工具,如 Anchore、Prometheus、OPA 和 Falco 來保護您的部署。
在這本 Kubernetes 書籍結束時,您將對容器安全有扎實的理解,並能夠保護您的叢集免受網路攻擊,並減輕網路安全威脅。
作者簡介
Kaizhe Huang is a security researcher at Sysdig, where he researches how to defend Kubernetes and containers from attacks ranging from web attacks to kernel attacks. Kaizhe is one of the maintainers of Falco, an incubation-level CNCF project, and the original author of multiple open source projects, such as kube-psp-advisor. Before joining Sysdig, as an employee at Stackrox, Kaizhe helped build a detection data pipeline, conducted security research, and innovated detection based on machine learning. Previously, as a senior security engineer at Oracle, he helped build security products: Database Vault, Database Privilege Analyzer, and Database Assessment Tool. Kaizhe holds an MS degree in information security from Carnegie Mellon University.
Pranjal Jumde
Pranjal Jumde is a senior security engineer at Brave Inc. In the security industry, he has worked on different aspects of security, such as browser security, OS/kernel security, DevSecOps, web application security, reverse engineering malware, security automation, and the development of security/privacy features. Before joining Brave, as an employee at Stackrox, Pranjal helped in the development of detection and enforcement features for the runtime detection platform. He has also worked at Apple and Adobe, where he worked on the development of features to harden various platforms. Pranjal holds an MS degree in information security from Carnegie Mellon University. He has also presented his research at different conferences, such as ACM CCS and BSides SF/Delhi.
作者簡介(中文翻譯)
Kaizhe Huang 是 Sysdig 的安全研究員,他的研究重點是如何防禦 Kubernetes 和容器免受從網路攻擊到核心攻擊的各種攻擊。Kaizhe 是 Falco 的維護者之一,這是一個孵化階段的 CNCF 項目,也是多個開源項目的原始作者,例如 kube-psp-advisor。在加入 Sysdig 之前,作為 Stackrox 的員工,Kaizhe 幫助建立了一個檢測數據管道,進行安全研究,並基於機器學習創新檢測技術。之前,作為 Oracle 的高級安全工程師,他幫助建立了安全產品:Database Vault、Database Privilege Analyzer 和 Database Assessment Tool。Kaizhe 擁有卡內基梅隆大學的信息安全碩士學位。
Pranjal Jumde 是 Brave Inc. 的高級安全工程師。在安全行業中,他參與了安全的不同方面,例如瀏覽器安全、操作系統/核心安全、DevSecOps、網路應用安全、惡意軟體的逆向工程、安全自動化以及安全/隱私功能的開發。在加入 Brave 之前,作為 Stackrox 的員工,Pranjal 幫助開發了運行時檢測平台的檢測和執行功能。他還曾在 Apple 和 Adobe 工作,參與了加固各種平台的功能開發。Pranjal 擁有卡內基梅隆大學的信息安全碩士學位。他還在不同的會議上展示了他的研究,例如 ACM CCS 和 BSides SF/Delhi。
