DevOps has provided speed and quality benefits with continuous development and deployment methods, but it does not guarantee the security of an entire organization. Hands-On Security in DevOps shows you how to adopt DevOps techniques to continuously improve your organization’s security at every level, rather than just focusing on protecting your infrastructure.
This guide combines DevOps and security to help you to protect cloud services, and teaches you how to use techniques to integrate security directly in your product. You will learn how to implement security at every layer, such as for the web application, cloud infrastructure, communication, and the delivery pipeline layers. With the help of practical examples, you’ll explore the core security aspects, such as blocking attacks, fraud detection, cloud forensics, and incident response. In the concluding chapters, you will cover topics on extending DevOps security, such as risk assessment, threat modeling, and continuous security.
By the end of this book, you will be well-versed in implementing security in all layers of your organization and be confident in monitoring and blocking attacks throughout your cloud services.What you will learn
Hands-On Security in DevOps is for system administrators, security consultants, and DevOps engineers who want to secure their entire organization. Basic understanding of Cloud computing, automation frameworks, and programming is necessary.
Salesforce is one of the top CRM tools used these days, and with its immense functionalities and features, it eases the functioning of an enterprise in various areas of sales, marketing, and finance, among others. Deploying Salesforce applications is a tricky event, and it can get quite taxing for admins and consultants. This book addresses all the problems that you might encounter while trying to deploy your applications and shows you how to resort to DevOps to take these challenges head on.
Beginning with an overview of the development and delivery process of a Salesforce app, DevOps for Salesforce covers various types of sandboxing and helps you understand when to choose which type. You will then see how different it is to deploy with Salesforce as compared to deploying with another app. You will learn how to leverage a migration tool and automate deployment using the latest and most popular tools in the ecosystem. This book explores topics such as version control and DevOps techniques such as Continuous Integration, Continuous Delivery, and testing. Finally, the book will conclude by showing you how to track bugs in your application changes using monitoring tools and how to quantify your productivity and ROI.
By the end of the book, you will have acquired skills to create, test, and effectively deploy your applications by leveraging the features of DevOps.What you will learnImplement DevOps for Salesforce and understand the benefits it offersAbstract the features of Force.com MigrationTool to migrate and retrieve metadataDevelop your own CI/CD Pipeline for Salesforce projectUse Qualitia to perform scriptless automation for Continuous TestingTrack application changes using BugzillaApply Salesforce best practices to implement DevOpsWho this book is for
If you are a Salesforce developer, consultant, or manager who wants to learn DevOps tools and set up pipelines for small as well as large Salesforce projects, this book is for you.
Splunk makes it easy for you to take control of your data and drive your business with the cutting edge of operational intelligence and business analytics. Through this Learning Path, you'll implement new services and utilize them to quickly and efficiently process machine-generated big data.
You'll begin with an introduction to the new features, improvements, and offerings of Splunk 7. You'll learn to efficiently use wildcards and modify your search to make it faster. You'll learn how to enhance your applications by using XML dashboards and configuring and extending Splunk. You'll also find step-by-step demonstrations that'll walk you through building an operational intelligence application. As you progress, you'll explore data models and pivots to extend your intelligence capabilities.
By the end of this Learning Path, you'll have the skills and confidence to implement various Splunk services in your projects.
This Learning Path is for data analysts, business analysts, and IT administrators who want to leverage the Splunk enterprise platform as a valuable operational intelligence tool. Existing Splunk users who want to upgrade and get up and running with Splunk 7.x will also find this book useful. Some knowledge of Splunk services will help you get the most out of this Learning Path.
Microsoft provides organizations with an effective way of managing their network with Azure's networking services. No matter the size of your organization, Azure provides a way to highly reliable performance and secure connectivity with its networking services.
The book starts with an introduction to the Azure networking like creating Azure virtual networks, designing address spaces and subnets. Then you will learn to create and manage network security groups, application security groups, and IP addresses in Azure. Gradually, we move on to various aspects like S2S, P2S, and Vnet2Vnet connections, DNS and routing, load balancers and traffic manager. This book will cover every aspect and function required to deliver practical recipes to help readers learn from basic cloud networking practices to planning, implementing, and securing their infrastructure network with Azure. Readers will not only be able to upscale their current environment but will also learn to monitor, diagnose, and ensure secure connectivity. After learning to deliver a robust environment readers will also gain meaningful insights from recipes on best practices.
By the end of this book, readers will gain hands-on experience in providing cost-effective solutions that benefit organizations.What you will learnLearn to create Azure networking servicesUnderstand how to create and work on hybrid connectionsConfigure and manage Azure network servicesLearn ways to design high availability network solutions in AzureDiscover how to monitor and troubleshoot Azure network resourcesLearn different methods of connecting local networks to Azure virtual networksWho this book is for
This book is targeted towards cloud architects, cloud solution providers, or any stakeholders dealing with networking on the Azure cloud. Some prior understanding of Microsoft Azure will be a plus point.
Security automation is the automatic handling of software security assessments tasks. This book helps you to build your security automation framework to scan for vulnerabilities without human intervention.
This book will teach you to adopt security automation techniques to continuously improve your entire software development and security testing. You will learn to use open source tools and techniques to integrate security testing tools directly into your CI/CD framework. With this book, you will see how to implement security inspection at every layer, such as secure code inspection, fuzz testing, Rest API, privacy, infrastructure security, and web UI testing.
With the help of practical examples, this book will teach you to implement the combination of automation and Security in DevOps. You will learn about the integration of security testing results for an overall security status for projects.
By the end of this book, you will be confident implementing automation security in all layers of your software development stages and will be able to build your own in-house security automation platform throughout your mobile and cloud releases.What you will learnAutomate secure code inspection with open source tools and effective secure code scanning suggestionsApply security testing tools and automation frameworks to identify security vulnerabilities in web, mobile and cloud servicesIntegrate security testing tools such as OWASP ZAP, NMAP, SSLyze, SQLMap, and OpenSCAPImplement automation testing techniques with Selenium, JMeter, Robot Framework, Gauntlt, BDD, DDT, and Python unittestExecute security testing of a Rest API Implement web application security with open source tools and script templates for CI/CD integrationIntegrate various types of security testing tool results from a single project into one dashboardWho this book is for
The book is for software developers, architects, testers and QA engineers who are looking to leverage automated security testing techniques.
After reading this book, you should be able to use these tools to do some testing and even working on penetration projects. You just need to remember not to use these techniques in a production environment without having a formal approval.