Autorzy | |
Wydawnictwo | Springer, Berlin |
Data wydania | |
Liczba stron | 473 |
Forma publikacji | książka w miękkiej oprawie |
Język | angielski |
ISBN | 9781484282359 |
Kategorie | Bezpieczeństwo komputerowe |
Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus-it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach.
New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company's assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud.
Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity.
What You'll Learn
Who This Book Is For
New security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloudCloud Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Cloud Resources
Introduction
Chapter 1. Cloud Computing
Software as a Service
Platform as a Service
Infrastructure as a Service
Function as a Service
X as a ServiceDesktop as a Service
Data Center as a Service
Managed Software as a ServiceBackend as a Service
Chapter 2. Cloud Providers
Amazon Web ServicesMicrosoft Azure
Google Cloud Platform
Oracle Cloud
Alibaba
Other Services
Chapter 3. Cloud Definitions
Identities
Accounts
Entitlements
Privileges
Rights
Permissions
Containers
SegmentationMicrosegmentation
Instances
Chapter 4. Asset Management
Discovery
Chapter 5. Attack Vectors
EntitlementsVulnerabilities
Hardening
Configurations
Credentials
S3 Buckets
Identities
Entitlements
API
Authentication
Certificates
PhishingRemote Access
Supply Chain - 3rd Party MSP/MSSP
Chapter 6. Mitigations
Hardening
Patch Management
PAM
CIEM
CIAM
CWPP
Chapter 7. Regulatory Compliance
Security Questionnaires
SOC
Type I
Type II
Type III
Cloud Security Alliance
CCMCAIQ
CIS Controls
PCI DSS
ISO
NIST
FedRamp
Chapter 8. Architectures
Zero Trust
Cloud-Native
HybridEphemeral Implementations
Accounts
Instances
Privileges
Chapter 9. Imposter Syndrome
Chapter 10. Recommendations
Chapter 11. Conclusion