Security for cloud-native applications is an overview of cloud-native application's characteristics from a security point of view, filled with best practices for securing services based on AWS, Azure, and GCP infrastructure.
This book is a practical guide for securing cloud-native applications throughout their lifecycle. It establishes foundational knowledge of cloud services and cloud-native characteristics. It focuses on securing design approaches like APIs, microservices, and event-driven architectures. Specific technologies like containers, Kubernetes, and serverless functions are covered with security best practices. The book emphasizes integrating security throughout development using CI/CD pipelines and IaC tools. It explores policy as code for enforcing security policies and immutable infrastructure for enhanced security posture. Key management and threat detection strategies are also covered. Finally, the book offers a practical example and resources for further learning.
By the end of the book, the reader will be able to design and secure modern applications using the public cloud scale, managed services, automation, and built-in security controls.