4 Security layer 2: protecting cloud infrastructures

This chapter covers

Automating the security testing of an infrastructure in continuous delivery
Restricting network access to components of the infrastructure via security groups
Opening administrative access via SSH without compromising security
Enforcing strict access controls on the invoicer’s database

The environment you built in chapter 2 to host the invoicer had several security issues. In chapter 3, you fixed the security of the application layer and learned how test-driven security can be used to integrate testing directly into the CI pipeline. You addressed vulnerabilities in the application itself by making use of browser security techniques like CSP, authentication protocols like ...

Get Securing DevOps now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Securing DevOps by Julien Vehent

4 Security layer 2: protecting cloud infrastructures

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly