Table of Contents for Cloud Native Security
Cover
Title Page
Introduction
Meeting the Challenge
A Few Conventions
Companion Download Files
How to Contact the Publisher
Part I: Container and Orchestrator Security
CHAPTER 1: What Is A Container?
Common Misconceptions
Container Components
Kernel Capabilities
Other Containers
Summary
CHAPTER 2: Rootless Runtimes
Docker Rootless Mode
Running Rootless Podman
Summary
CHAPTER 3: Container Runtime Protection
Running Falco
Configuring Rules
Summary
CHAPTER 4: Forensic Logging
Things to Consider
Salient Files
Breaking the Rules
Key Commands
The Rules
Parsing Rules
Monitoring
Ordering and Performance
Summary
CHAPTER 5: Kubernetes Vulnerabilities
Mini Kubernetes
Options for Using kube-hunter
Container Deployment
Inside Cluster Tests
Minikube vs. kube-hunter
Getting a List of Tests
Summary
CHAPTER 6: Container Image CVEs
Understanding CVEs
Trivy
Exploring Anchore
Clair
Summary
Part II: DevSecOps Tooling
CHAPTER 7: Baseline Scanning (or, Zap Your Apps)
Where to Find ZAP
Baseline Scanning
Scanning Nmap's Host
Adding Regular Expressions
Summary
CHAPTER 8: Codifying Security
Security Tooling
Installation
Simple Tests
Example Attack Files
Summary
CHAPTER 9: Kubernetes Compliance
Mini Kubernetes
Using kube-bench
Troubleshooting
Automation
Summary
CHAPTER 10: Securing Your Git Repositories
Things to Consider
Installing and Running Gitleaks
Installing and Running GitRob
Summary
CHAPTER 11: Automated Host Security
Machine Images
Idempotency
Secure Shell Example
Kernel Changes
Summary
CHAPTER 12: Server Scanning With Nikto
Things to Consider
Installation
Scanning a Second Host
Running Options
Command-Line Options
Evasion Techniques
The Main Nikto Configuration File
Summary
Part III: Cloud Security
CHAPTER 13: Monitoring Cloud Operations
Host Dashboarding with NetData
Cloud Platform Interrogation with Komiser
Summary
CHAPTER 14: Cloud Guardianship
Installing Cloud Custodian
More Complex Policies
IAM Policies
S3 Data at Rest
Generating Alerts
Summary
CHAPTER 15: Cloud Auditing
Runtime, Host, and Cloud Testing with Lunar
AWS Auditing with Cloud Reports
CIS Benchmarks and AWS Auditing with Prowler
Summary
CHAPTER 16: AWS Cloud Storage
Buckets
Native Security Settings
Automated S3 Attacks
Storage Hunting
Summary
Cloud Native Security
Chris Binnie
Rory McCune