If you are a system administrator or a DevOps engineer with responsibility for finding loop holes in your system or application, then this book is for you. It's also useful for security consultants looking to automate their infrastructure's security model.What You Will Learn
Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.
We'll start by covering various popular modules and writing simple playbooks to showcase those modules. You'll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you'll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on.
Moving on, you'll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we'll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.Style and approach
This comprehensive guide will teach you to manage Linux and Windows hosts remotely in a repeatable and predictable manner. The book takes an in-depth approach and helps you understand how to set up complicated stacks of software with codified and easy-to-share best practices.
Madhu Akula is a security ninja and security and devops researcher with extensive experience in the industry, ranging from client-facing assignments building scalable and secure infrastructure, to publishing industry-leading research to running training sessions for companies and governments alike. Madhu's research papers are frequently selected for major security industry conferences including Defcon 24, All Day DevOps (2016, 2017), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n, Serverless Summit ToorCon, DefCamp, SkydogCon, NolaCon, and null, and more. Madhu was a keynote speaker for the National Cyber Security conference at Dayananda Sagar College in February 2016. When he's not working with Appsecco's clients or speaking at events, he's actively involved in researching vulnerabilities in open source products/platforms such as WordPress, Ntop, and Opendocman. He's also a contributing bug hunter with Code Vigilant (a project to secure open source software). His research has identified many vulnerabilities in over 200 organizations including the U.S. Department of Homeland Security, Google, Microsoft, Yahoo, Adobe, LinkedIn, eBay, AT&T, Blackberry, Cisco, Barracuda, and more. He is also an active member of Bugcrowd, Hackerone, Synack, and more. Madhu has trained over 5000 people in information security for companies and organizations including the Indian Navy and the Ministry of e-services in a leading Gulf state.
Akash Mahajan is an accomplished security professional with over a decade's experience in providing specialist application and infrastructure consulting services at the highest levels to companies, governments, and organizations around the world. He has lots of experience in working with clients to provide innovative security insights that truly reflect the commercial and operational needs of the organization, from strategic advice to testing and analysis to incident response and recovery. He is an active participant in the international security community and a conference speaker both individually, as chapter lead of the Bangalore chapter of OWASP the global organization responsible for defining the standards for web application security and as a co-founder of NULL India's largest open security community. Akash runs Appsecco, a company focused on Application Security. He authored the book Burp Suite Essentials published by Packt Publishing in November 2014, which is listed as a reference by the creators of Burp Suite.
Docker book designed for SysAdmins, SREs, Operations staff, Developers and DevOps who are interested in deploying the open source container service Docker.
In this book, we'll walk you through installing, deploying, managing, and extending Docker. We're going to do that by first introducing you to the basics of Docker and its components. Then we'll start to use Docker to build containers and services to perform a variety of tasks.
We're going to take you through the development lifecycle, from testing to production, and see where Docker fits in and how it can make your life easier. We'll make use of Docker to build test environments for new projects, demonstrate how to integrate Docker with continuous integration workflow, and then how to build application services and platforms. Finally, we'll show you how to use Docker's API and how to extend Docker yourself.
We'll teach you how to:
* Install Docker.
* Take your first steps with a Docker container.
* Build Docker images.
* Manage and share Docker images.
* Run and manage more complex Docker containers.
* Deploy Docker containers as part of your testing pipeline.
* Build multi-container applications and environments.
* Learn about orchestration using Compose and Swarm for the orchestration of Docker containers and Consul for service discovery.
* Explore the Docker API.
* Getting Help and Extending Docker.
Author Jeff Patton shows you how changeable story maps enable your team to hold better conversations about the project throughout the development process. Your team will learn to come away with a shared understanding of what you’re attempting to build and why.Get a high-level view of story mapping, with an exercise to learn key concepts quicklyUnderstand how stories really work, and how they come to life in Agile and Lean projectsDive into a story’s lifecycle, starting with opportunities and moving deeper into discoveryPrepare your stories, pay attention while they’re built, and learn from those you convert to working software
Gruntwork co-founder Yevgeniy (Jim) Brikman walks you through dozens of code examples that demonstrate how to use Terraform’s simple, declarative programming language to deploy and manage infrastructure with just a few commands. Whether you’re a novice developer, aspiring DevOps engineer, or veteran sysadmin, this book will take you from Terraform basics to running a full tech stack capable of supporting a massive amount of traffic and a large team of developers.Compare Terraform to other IAC tools, such as Chef, Puppet, Ansible, and Salt StackUse Terraform to deploy server clusters, load balancers, and databasesLearn how Terraform manages the state of your infrastructure and how it impacts file layout, isolation, and lockingCreate reusable infrastructure with Terraform modulesTry out advanced Terraform syntax to implement loops, if-statements, and zero-downtime deploymentUse Terraform as a team, including best practices for writing, testing, and versioning Terraform code