This book is designed for security and risk assessment professionals, DevOps engineers, penetration testers, cloud security engineers, and cloud software developers who are interested in learning practical approaches to cloud security. It covers practical strategies for assessing the security and privacy of your cloud infrastructure and applications and shows how to make your cloud infrastructure secure to combat threats, attacks, and prevent data breaches. The chapters are designed with a granular framework, starting with the security concepts, followed by hand-on assessment techniques based on real-world studies, and concluding with recommendations including best practices.
There exist no shortcuts to cloud security because it is a continuous process and requires continuous improvements as the technology evolves.
Cloud protection requires a hybrid mechanism based on both Reactive and Proactive approaches to security and privacy.
- Chapter 1 covers cloud architecture and security fundamentals.
- Chapter 2 highlights the authentication and authorization security issues in the cloud.
- Chapter 3 focuses on the network security assessment of the cloud components.
- Chapter 4 highlights the database and storage services security and assessment.
- Chapter 5 discusses the security risks and assessment of cryptographic controls.
- Chapter 6 covers the insecure coding practices in cloud application development.
- Chapter 7 highlights the assessment of controls related to continuous monitoring and logging in the cloud.
- Chapter 8 unveils the concepts of implementing data privacy in the cloud.
- Chapter 9 enables you to conduct security and risk assessments of cloud infrastructure.
- Chapter 10 presents the case studies revealing how threat actors abuse and exploit cloud environments.
- Chapter 11 focuses on the threat intelligence and malware protection strategies.
- Includes practical strategies for assessing the security and privacy of your cloud infrastructure and applications.
- Covers topics such as cloud architecture and security fundamentals, database and storage security, data privacy, security and risk assessments, controls related to continuous monitoring, and more.
- Presents several case studies revealing how threat actors abuse and exploit cloud environments to spread malware.
Title: Empirical Cloud Security: Practical Intelligence to Evaluate Risks and Attacks Author: Aditya K. Sood Publisher: Mercury Learning and Information, 2021 ISBN: 9781683926856 Length: 450 pages Subjects: Computers › Security › Network Security
- Amazon USA: https://www.amazon.com/Empirical-Cloud-Security-Practical-Intelligence/dp/1683926854
- Stylus publishing: https://styluspub.presswarehouse.com/browse/book/9781683926856/Empirical-Cloud-Security
- Mercury Learning: http://www.merclearning.com/titles/Empirical-Cloud-Security.html
- Barnes and Noble: https://www.barnesandnoble.com/w/empirical-cloud-security-aditya-k-sood-phd/1139151874
- Google Books: https://books.google.com/books/about/Empirical_Cloud_Security.html?id=b-ArEAAAQBAJ
- Waterstones: https://www.waterstones.com/book/empirical-cloud-security/aditya-k-sood/9781683926856
- Amazon India: https://www.amazon.in/Empirical-Cloud-Security-Aditya-Sood/dp/1683926854/
- Amazon UK: https://www.amazon.co.uk/Empirical-Cloud-Security-Aditya-Sood/dp/1683926854/
- Redshelf: https://redshelf.com/app/ecom/book/1813302/empirical-cloud-security-1813302-9781683926832-aditya-k-sood
- Amazon DE: https://www.amazon.de/Empirical-Cloud-Security-Practical-Intelligence-ebook/dp/B092NLPMBH
- Euro Span Store: https://www.eurospanbookstore.com/empirical-cloud-security.html
- E-Books Store: https://www.ebooks.com/en-us/book/210255023/empirical-cloud-security/aditya-k-sood/
- Booktopia AU: https://www.booktopia.com.au/empirical-cloud-security-aditya-k-sood-phd/ebook/9781683926832.html/
Aditya K Sood (Ph.D.) is a cybersecurity advisor, practitioner, researcher, and consultant. With the experience of more than 13 years, he provides strategic leadership in the field of information security covering products and infrastructure. He is well experienced in propelling businesses by making security a salable business trait. Dr. Sood is well versed in designing algorithms by harnessing security intelligence and data science. During his career, he has worked with cross functional teams, management and customers thereby providing them with the best of the breed information security experience. Dr. Sood has research interests in cloud security, IoT security, malware automation and analysis, application security, and secure software design. He has worked on a number of projects pertaining to product/appliance security, networks, mobile, and web applications while serving Fortune 500 clients for IOActive, KPMG and others. He has authored several papers for various magazines and journals including IEEE, Elsevier, Crosstalk, ISACA, Virus Bulletin, and Usenix. His work has been featured in several media outlets including Associated Press, Fox News, The Register, Guardian, Business Insider, CBC, and others. He has been an active speaker at industry conferences and presented at Blackhat, DEFCON, HackInTheBox, RSA, Virus Bulletin, OWASP, and many others. Dr. Sood obtained his Ph.D. from Michigan State University in Computer Sciences. Dr. Sood is also an author of "Targeted Cyber Attacks" a book published by Syngress.
He held positions such as Senior Director of Threat Research and Security Strategy, Head (Director) of Cloud Security, Chief Architect of Cloud Threat Labs, Lead Architect and Researcher, Senior Consultant, and others while working for companies such as F5 Networks, Symantec, Blue Coat, Elastica, IOActive, Coseinc, and KPMG.
I would like to thank my family, my wonderful wife and my son for providing continuous support to complete this book. I am also indebted to my parents, my brother, my sister, and my mentor.
I have deep respect for all the members of the cloud security and privacy community who work day and night to contribute to the cause for making cloud secure and enabling data privacy at scale. I’d like to thank all the technical reviewers who provided continuous and valuable feedback that helped nurture this book.
I would also like to appreciate all the efforts by Martin Johnson and Jeannie Warner for reviewing the content and providing suggestions.
Thanks to David Pallai, President of Mercury Learning and Information, for ensuring the smooth delivery of this project and publishing the book with great quality.