Designing and Developing Secure Azure Solutions
1st Edition
Published on 26. December 2022
528 pages
978-0-13-790868-4 (ISBN)
Description
Plan, build, and maintain highly secure Azure applications and workloads
As business-critical applications and workloads move to the Microsoft Azure cloud, they must stand up against dangerous new threats. That means you must build robust security into your designs, use proven best practices across the entire development lifecycle, and combine multiple Azure services to optimize security. Now, a team of leading Azure security experts shows how to do just that. Drawing on extensive experience securing Azure workloads, the authors present a practical tutorial for addressing immediate security challenges, and a definitive design reference to rely on for years. Learn how to make the most of the platform by integrating multiple Azure security technologies at the application and network layers- taking you from design and development to testing, deployment, governance, and compliance.
About You
This book is for all Azure application designers, architects, developers, development managers, testers, and everyone who wants to make sure their cloud designs and code are as secure as possible.
Discover powerful new ways to:
Improve app / workload security, reduce attack surfaces, and implement zero trust in cloud code
Apply security patterns to solve common problems more easily
Model threats early, to plan effective mitigations
Implement modern identity solutions with OpenID Connect and OAuth2
Make the most of Azure monitoring, logging, and Kusto queries
Safeguard workloads with Azure Security Benchmark (ASB) best practices
Review secure coding principles, write defensive code, fix insecure code, and test code security
Leverage Azure cryptography and confidential computing technologies
Understand compliance and risk programs
Secure CI / CD automated workflows and pipelines
Strengthen container and network security
As business-critical applications and workloads move to the Microsoft Azure cloud, they must stand up against dangerous new threats. That means you must build robust security into your designs, use proven best practices across the entire development lifecycle, and combine multiple Azure services to optimize security. Now, a team of leading Azure security experts shows how to do just that. Drawing on extensive experience securing Azure workloads, the authors present a practical tutorial for addressing immediate security challenges, and a definitive design reference to rely on for years. Learn how to make the most of the platform by integrating multiple Azure security technologies at the application and network layers- taking you from design and development to testing, deployment, governance, and compliance.
About You
This book is for all Azure application designers, architects, developers, development managers, testers, and everyone who wants to make sure their cloud designs and code are as secure as possible.
Discover powerful new ways to:
Improve app / workload security, reduce attack surfaces, and implement zero trust in cloud code
Apply security patterns to solve common problems more easily
Model threats early, to plan effective mitigations
Implement modern identity solutions with OpenID Connect and OAuth2
Make the most of Azure monitoring, logging, and Kusto queries
Safeguard workloads with Azure Security Benchmark (ASB) best practices
Review secure coding principles, write defensive code, fix insecure code, and test code security
Leverage Azure cryptography and confidential computing technologies
Understand compliance and risk programs
Secure CI / CD automated workflows and pipelines
Strengthen container and network security
More details
Series
Edition
1. Auflage
Language
English
Place of publication
Boston
United States
Publishing group
Pearson Education (US)
Target group
Professional and scholarly
File size
31,46 MB
ISBN-13
978-0-13-790868-4 (9780137908684)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Michael Howard | Simone Curzi | Heinrich Gantenbein
Designing and Developing Secure Azure Solutions
Book
01/2023
1st Edition
Addison Wesley
€41.49
Available immediately
Persons
Michael Howard is a 30-year Microsoft veteran and is currently a Principal Security Program Manager in the Azure Data Platform team, working on security engineering. He is one of the original architects of the Microsoft Security Development Lifecycle and has helped diverse customers such as government, military, education, finance, and healthcare secure their Azure workloads. He was the application security lead for the Rio 2016 Olympic games, which were hosted on Azure.
Heinrich Gantenbein is a Senior Principal Consultant on Cybersecurity in Microsoft's Industry Solutions Delivery. With 30+ years of experience in software engineering and more than 30 years of experience in consulting, he brings a wealth of practical know-how to his role. Heinrich specializes in Azure security, threat modeling, and DevSecOps.
Simone Curzi is a Principal Consultant from Microsoft's Industry Solutions Delivery. He has 20+ years of experience covering various technical roles in Microsoft and has fully devoted himself to security for more than 10 years. A renowned threat modeling and Microsoft Security Development Lifecycle expert, Simone is a regular speaker at international conferences such as Microsoft Ready, Microsoft Spark, (ISC)2 Security Congress, Carnegie Mellon's SEI DevOps Days, and Security Compass Equilibrium. Simone is also author of an open source threat modeling tool, Threats Manager Studio.
Heinrich Gantenbein is a Senior Principal Consultant on Cybersecurity in Microsoft's Industry Solutions Delivery. With 30+ years of experience in software engineering and more than 30 years of experience in consulting, he brings a wealth of practical know-how to his role. Heinrich specializes in Azure security, threat modeling, and DevSecOps.
Simone Curzi is a Principal Consultant from Microsoft's Industry Solutions Delivery. He has 20+ years of experience covering various technical roles in Microsoft and has fully devoted himself to security for more than 10 years. A renowned threat modeling and Microsoft Security Development Lifecycle expert, Simone is a regular speaker at international conferences such as Microsoft Ready, Microsoft Spark, (ISC)2 Security Congress, Carnegie Mellon's SEI DevOps Days, and Security Compass Equilibrium. Simone is also author of an open source threat modeling tool, Threats Manager Studio.
Content
PART I SECURITY PRINCIPLES
CHAPTER 1 Secure development lifecycle processes
CHAPTER 2 Secure design
CHAPTER 3 Security patterns
CHAPTER 4 Threat modeling
CHAPTER 5 Identity, authentication, and authorization
CHAPTER 6 Monitoring and auditing
CHAPTER 7 Governance
CHAPTER 8 Compliance and risk programs
PART II SECURE IMPLEMENTATION
CHAPTER 9 Secure coding
CHAPTER 10 Cryptography in Azure
CHAPTER 11 Confidential computing
CHAPTER 12 Container security
CHAPTER 13 Database security
CHAPTER 14 CI/CD security
CHAPTER 15 Network security
Appendix A: Core cryptographic techniques
CHAPTER 1 Secure development lifecycle processes
CHAPTER 2 Secure design
CHAPTER 3 Security patterns
CHAPTER 4 Threat modeling
CHAPTER 5 Identity, authentication, and authorization
CHAPTER 6 Monitoring and auditing
CHAPTER 7 Governance
CHAPTER 8 Compliance and risk programs
PART II SECURE IMPLEMENTATION
CHAPTER 9 Secure coding
CHAPTER 10 Cryptography in Azure
CHAPTER 11 Confidential computing
CHAPTER 12 Container security
CHAPTER 13 Database security
CHAPTER 14 CI/CD security
CHAPTER 15 Network security
Appendix A: Core cryptographic techniques
