Chapter 1, The Fundamentals of Cloud Security, begins with providing a solid foundation for
cloud computing followed by the challenges faced when an organization moves into the cloud. At the end of the chapter, we look into at a case study of the real-world scenarios about servers of a known start-up getting hacked and analyze the security shortcoming that leads to the downfall.
Chapter 2, Defense in Depth Approach, provides insights into the structural approach for defensive security that can provide a solid base for security in an organization to protect against attacks. We have an abstract overview of the tools and technologies that can be used at these layers. This chapter provides the foundation for the rest of the book.
Chapter 3, Designing Defensive Network Infrastructure, begins with revising the fundamentals related to the TCP/IP model and then continues with understanding the stateful and stateless nature of firewalls, ideal approach to design firewall rules, and best practices. We also look into the implementation approach related to IPS in the cloud along with various technologies like Bastion Hosts and Virtual Private Networks. Throughout this chapter, we discuss the best practices both in terms of process and implementation side that will help the organization build strong network perimeter.
Chapter 4, Server Hardening, deals with the operating system level security. This chapter provides insights into the implementation of the principle of least privilege based approach with the help of various technologies related to centralized authentication and single-sign-on solutions. Along with this we have a great overview related to auditing functionality with help of AuditD and explore pluggable authentication modules as well. At the end, we look into various tools and technologies for disk level encryptions, server hardening, SELinux, host-based intrusion detection system and the approach for building “Hardening / Golden Images”.
Chapter 5, Cryptography Network Security, begins with revising the fundamentals of cryptography and then moves to explore various technologies like hardware security modules, Key Management Service along with looking into the SSL/TLS section along with the associated security best practices related to HSTS, Perfect Forward Secrecy, OCSP stapling and many more.
Chapter 6, Automation in Security, explore more about configuration management and infrastructure as code-based approach and their necessity and importance in building secure environments. In this chapter, we revise and explore tools like Terraform, Ansible along with it’s associated best practices. We look into the approach of “Desired State” that can be achieved with this configuration management and infrastructure as code-based tools and it’s significance in maintaining overall security posture in the organization.
Chapter 7, Vulnerability, Pentest, and Patch Management, gives you insights on how to implement an entire cycle of vulnerability assessment to patch management. This is one of the very important parts of any organization, and many big organizations have been compromised because of not being able to implement and follow this life cycle phase. We look into the industry standard tools, proven best practices, and approaches that you can implement in your organization related to this phase.
Chapter 8, Security Logging and Monitoring, provides insights into operational considerations related to logging monitoring, an overview of log management activity, and tools and things that need to be captured to give you the right overview of the current happening within your organization.
Chapter 9, First Responder, walks you through incident response. This chapter gives you an overview of incident response and the ideal ways in which you can implement an incident response plan, along with ways in which you can continually check on the preparedness of your incident response team.
Chapter 10, Best Practices, condenses all the chapters and the associated tools into tabular form for easy insights into the overall book.