You're reading from Cloud Auditing Best Practices Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803243771

Length 268 pages

Edition 1st Edition

Tools

AWS

Concepts

Cybersecurity

Authors (2):

Michael Ratemo

Shinesa Cambric

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1: The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials

2. Chapter 1: Cloud Architecture and Navigation FREE CHAPTER

3. Chapter 2: Effective Techniques for Preparing to Audit Cloud Environments

4. Part 2:Cloud Security and IT Controls

5. Chapter 3: Identity and Access Management Controls

6. Chapter 4: Network, Infrastructure, and Security Controls

7. Chapter 5: Financial Resource and Change Management Controls

8. Part 3:Executing an Effective Enterprise Cloud Audit Plan

9. Chapter 6: Tips and Techniques for Advanced Auditing

10. Chapter 7: Tools for Monitoring and Assessing

11. Chapter 8: Walk-Through – Assessing IAM Controls

12. Chapter 9: Walk-Through – Assessing Policy Settings and Resource Controls

13. Chapter 10: Walk-Through – Assessing Change Management, Logging, and Monitoring Policies

14. Index

Why subscribe?

15. Other Books You May Enjoy

What this book covers

Chapter 1, Cloud Architecture and Navigation, provides a fundamental understanding of what a cloud environment is, navigating through different cloud provider environments, and roles and responsibilities between the cloud service provider and an auditor.

Chapter 2, Effective Techniques for Preparing to Audit Cloud Environments, covers the standard resources available to develop an audit plan, and align controls to a cloud environment, and the tools for policy and compliance automation.

Chapter 3, Identity and Access Management Controls, walks through configuration and control options for a digital identity, including authentication and authorization and reviewing activity logs.

Chapter 4, Network, Infrastructure, and Security Controls, looks at policies and options for defining and controlling network and infrastructure access and navigating security control centers.

Chapter 5, Financial Resource and Change Management Controls, introduces features available within each of the cloud environments for resource management, including billing and cost controls, and tracking changes within the cloud environment.

Chapter 6, Tips and Techniques for Advanced Auditing, provides guidance on common pitfalls an IT auditor should look out for, tips and techniques to leverage, and ideas for preparing for more advanced audits, including a primer on other cloud environments such as Alibaba, IBM, and Oracle.

Chapter 7, Tools for Monitoring and Assessing, gives a deeper insight on tools and options that exist for auditors to monitor cloud platforms, within each of the three major cloud providers.

Chapter 8, Walk-Through – Assessing IAM Controls, covers simple assessments for hands-on experience assessing identity and access management controls within the three major cloud providers.

Chapter 9, Walk-Through – Assessing Policy Settings and Resource Controls, provides practice opportunities for assessing security and compliance settings, and reviewing resource management controls.

Chapter 10, Walk-Through – Assessing Change Management, Logging, and Monitoring Policies, offers an opportunity to practice assessing compliance for changes made within the cloud environment, as well as how to leverage cloud native tools for performing logging and monitoring in the cloud.