Cloud native security isn't a game for individual players. It requires team collaboration with a platform that can help cloud security engineers, developers, and operations people do their best work. That's what the cloud native application protection platform (CNAPP) delivers. With this practical guide, you'll learn how CNAPP can help you consolidate security through DevSecOps across cloud native technologies, practices, and application lifecycles.
Through real-life attack scenarios, authors Russ Miles, Steve Giguere, and Taylor Smith help you explore how CNAPP not only mitigates multidimensional threats, but also reduces complexity and helps your team stay one step ahead of attackers. CNAPP provides a holistic approach to your cloud native development across identities, workloads, networks, and infrastructure.
With this book, you will:
- Examine threats to different parts of the cloud native stack, including pipelines, supply chains, infrastructure, workloads, and applications
- Learn what CNAPP is and how it enables the context-sharing and collaboration necessary to secure your applications from development to runtime
- Assess your own attack surface from a code and runtime standpoint
- Identify blind spots in your existing cloud native security coverage
- Leverage CNAPP to achieve a holistic, collaborative security environment
Giguere, Stephen: - Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school Unix system. He changed all the passwords to "peaches" (his friend's dog's name). But that was a long time ago.
Since then he has experienced a wide breadth of technologies throughout a career in the aero, telecoms and automotive industries improving quality, safety, velocity and efficiency.
Currently, he is enjoying life as a Cloud Security Advocate, specialising in Cloud and Infrastructure Security Automation. Prior to this, he was a Solution Architect for several cybersecurity companies, specialising in container and Kubernetes security and establishing DevSecOps best practices for enterprise CI/CD pipelines.
He also is an avid podcaster with personal podcasts Codifyre and CoSeCast. He co-runs the DevSecOps London Gathering meet-up. In his spare time, he plays the guitar and represents Great Britain playing Ultimate Frisbee!
Miles, Russ: - Russ Miles is an international speaker, trainer and author. Most recently he published Learning Chaos Engineering with O'Reilly. He also delivers public and private courses on Chaos Engineering and Resilience Engineering around the world and online for O'Reilly Media.
Smith, Taylor: - Taylor Smith is a principal product manager at Palo Alto Networks specializing in Cloud Application Security. He is passionate about building products users love, DevSecOps principals, and making technical topics more accessible to broader audiences. Prior to joining Palo Alto Networks, Taylor held product and strategy roles at NetApp, Cisco, and Gremlin. When not behind a keyboard, he can be found outside swimming or hiking with his family.
