July 2018
Intermediate to advanced
356 pages
9h 18m
English
Content preview from Hands-On Security in DevOps
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Stage 1 – basic security control
In this stage, we may be dealing with a start-up company. No dedicated security team is part of the IT team. Most security controls are adopted from cloud services, such as AWS.
Although the cloud service may provide security services, it's still the user's responsibility to protect the application and data. Therefore, the following are critical for the security assurance program at this stage. Take AWS service practices as an example:
- Leverage third-party cloud service provider security mechanisms (for example, AWS provides IAM, KMS, security groups, WAF, Inspector, CloudWatch, and Config)
- Secure configuration replies on external tools such as AWS Config and Inspector
- Service or operation monitoring may ...