Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the color images
• Conventions used
• Get in touch
• Share your thoughts

1. Section 1: Securing Infrastructure Cloud Services

2. Chapter 1: Introduction to Cloud Security FREE CHAPTER

• Technical requirements
• What is a cloud service?
• What are the cloud deployment models?
• What are the cloud service models?
• Why we need security
• What is the shared responsibility model?
• Command-line tools
• Summary

3. Chapter 2: Securing Compute Services

• Technical requirements
• Securing VMs
• Securing managed database services
• Securing containers
• Securing serverless/function as a service
• Summary

4. Chapter 3: Securing Storage Services

• Technical requirements
• Securing object storage
• Securing block storage
• Securing file storage
• Securing the CSI
• Summary

5. Chapter 4: Securing Networking Services

• Technical requirements
• Securing virtual networking
• Securing DNS services
• Securing CDN services
• Securing VPN services
• Securing DDoS protection services
• Securing WAF services
• Summary

6. Section 2: Deep Dive into IAM, Auditing, and Encryption

7. Chapter 5: Effective Strategies to Implement IAM Solutions

• Technical requirements
• Introduction to IAM
• Failing to manage identities
• Securing cloud-based IAM services
• Securing directory services
• Configuring MFA
• Summary

8. Chapter 6: Monitoring and Auditing Your Cloud Environments

• Technical requirements
• Conducting security monitoring and audit trails
• Conducting threat detection and response
• Conducting incident response and digital forensics
• Summary

9. Chapter 7: Applying Encryption in Cloud Services

• Technical requirements
• Introduction to encryption
• Best practices for deploying KMSes
• Best practices for deploying secrets management services
• Best practices for using encryption in transit
• Best practices for using encryption at rest
• Encryption in use
• Summary

10. Section 3: Threats and Compliance Management

11. Chapter 8: Understanding Common Security Threats to Cloud Services

• Technical requirements
• The MITRE ATT&CK framework
• Detecting and mitigating data breaches in cloud services
• Detecting and mitigating misconfigurations in cloud services
• Detecting and mitigating insufficient IAM and key management in cloud services
• Detecting and mitigating account hijacking in cloud services
• Detecting and mitigating insider threats in cloud services
• Detecting and mitigating insecure APIs in cloud services
• Detecting and mitigating the abuse of cloud services
• Summary

12. Chapter 9: Handling Compliance and Regulation

• Technical requirements
• Compliance and the shared responsibility model
• Introduction to compliance with regulatory requirements and industry best practices
• What are the common ISO standards related to cloud computing?
• What is a SOC report?
• What is the CSA STAR program?
• What is PCI DSS?
• What is the GDPR?
• What is HIPAA?
• Summary

13. Chapter 10: Engaging with Cloud Providers

• Technical requirements
• Choosing a cloud provider
• What is a cloud provider questionnaire?
• Tips for contracts with cloud providers
• Conducting penetration testing in cloud environments
• Summary

14. Section 4: Advanced Use of Cloud Services

15. Chapter 11: Managing Hybrid Clouds

• Technical requirements
• Hybrid cloud strategy
• Identity management over hybrid cloud environments
• Network architecture for hybrid cloud environments
• Storage services for hybrid cloud environments
• Compute services for hybrid cloud environments
• Securing hybrid cloud environments
• Summary

16. Chapter 12: Managing Multi-Cloud Environments

• Technical requirements
• Multi-cloud strategy
• Identity management over multi-cloud environments
• Network architecture for multi-cloud environments
• Data security in multi-cloud environments
• Cost management in multi-cloud environments
• Cloud Security Posture Management (CSPM)
• Cloud Infrastructure Entitlement Management (CIEM)
• Patch and configuration management in multi-cloud environments
• The monitoring and auditing of multi-cloud environments
• Summary

17. Chapter 13:Security in Large-Scale Environments

• Technical requirements
• Managing governance and policies at a large scale
• Automation using IaC
• Security in large-scale cloud environments
• Summary
• What's next?
• Why subscribe?

18. Other Books You May Enjoy

• Packt is searching for authors like you
• Share your thoughts