
Security is now everyone's job. Whether your system is cloud native or lives in the cloud with a traditional architecture, moving off premises has made security more complex than ever. To protect your assets, you should consolidate the groups involved in development, orchestration, and deployment, because they'll all have different insights.

If your work touches any part of the software development lifecycle (SDLC), this report is for you. You'll learn how to integrate security measures into software development methodologies and architectural designs. Then you'll discover how DevSecOps helps you embed security into the SDLC to identify and address threats. Make your team and organization stronger, more resilient, and more secure by adopting the DevSecOps mindset.

  • Pick the right team: essential if your cloud native design uses virtualized applications rather than virtualized systems
  • Select the right tools: manage the entire virtualized application lifecycle with Kubernetes
  • Automate everything you can: automation is testable to ensure you're using the right process
  • Verify everything: use humans to confirm that the right things are happening
  • Introduce security early: embed security in developer workflows
  • Identify threats: use threat modeling in your application or system design

Table of Contents

  Introduction
  1. Software Development Life Cycles
    1. The Value of Processes
    2. Repeatability and Consistency
    3. Process Improvement
    4. DevOps
    5. Kubernetes and the Software Development Life Cycle
    6. Summary
  2. Architectural Designs
    1. Traditional Application Design
    2. Service-Oriented Architecture
    3. Cloud Native Design
    4. Management Considerations
    5. Cloud Native Design with Kubernetes
    6. Summary
  3. DevOps and DevSecOps
    1. DevOps
    2. Cultural Change
    3. Critical Roles
    4. Cattle and Pets
    5. DevSecOps and Shifting Left
    6. DevSecOps with Kubernetes
    7. Summary
  4. Security and Requirements
    1. Risk and Threat and Vulnerability
    2. Threat Modeling
    3. STRIDE
    4. DREAD
    5. PASTA
    6. Summary
  5. Managing Threats
    1. Open Source Threat Intelligence
    2. Attack Phases
    3. MITRE ATT&CK Framework
    4. Attack Life Cycle
    5. Using an Attack Matrix
    6. Summary
  6. Wrapping Up