Hello, Cloud Marathoners!
A couple of days ago, I received a book from Packt – “Cloud Native Software Security Handbook”, authored by Mihir Shah, and in this post I will review it and share my observations and impressions with the #cloud #community.
This book starts by covering the Foundations of Cloud Native, exploring the tools and platforms offered by CNCF while setting a high-level stage for the rest of the book. Subsequently, the author dives into explaining AppSec culture and how to approach security implementation in cloud-native environments, primarily using tools like K8S, Calico, K9s, Falco, OPA Gateway, and others which I will be mentioning below.
I liked the Cloud Security Operation chapter, where open-source tools like Elasticsearch, Fluentd, Kibana, Prometheus, Helm, and K8S are used to streamline security operations with automation playbooks that minimize human intervention and errors.
In addition, this book covers the legal, compliance, and vendor management aspects of cloud-native software security, emphasizing their hidden cost and that they are as important as mastering technical skills.
This book also provides code samples that are available online, which is a big plus.
My suggestion would be the addition of more advanced use cases and code samples in the second edition of this book.
Have you read any related books recently that made an impact on you❓
Please share your feedback in the comments 💬
Please check my LinkedIn post to share your feedback. Thanks!