Description

---

A no-fluff guide to implementing best practices for securing cloud native services.

This book teaches you best practices for building a scaled cloud native security program, with a focus on microservices security. You’ll be guided through every step of developing and deploying security infrastructure in a cloud native software development environment, using modern, cutting-edge security tenets. In later chapters, you’ll put all of these skills together in a case study from the author’s first-hand experience as engineers and technical managers. This vendor-agnostic book relies on open source software and in-house tools you can scale up or down for your own organization’s requirements. 

Along the way, you’ll learn to:

• Perform threat monitoring to understand the security properties and risks of cloud native environments
  
• Implement secure authorization and authentication with cloud native patterns
  
• Use runtime monitoring to catch and stop attacks 
  
• Implement secrets management and build secure network and services meshes
  
• Think like a security engineer at scale to  effectively plan secure designs
  

Each chapter provides step-by-step explanations of vital concepts, practical examples, common security mistakes, and quizzes to test your knowledge. Whether you’re a one-person security team or part of a larger organization,, this book equips you with the skills to build a scaled cloud native security program.

About the Author

---

Nick Reva is a security engineer, author, teacher and builder that loves growing and leading security engineering teams for the world’s most ambitious engineering organizations. Over the last 10 years, Reva has led security engineering teams to build highly scalable security and services and defenses in cloud native environments at Snapchat and previously SpaceX. Reva has a Masters degree in Security Engineering and advises several companies including HackerOne, Arkose Labs and DeepFence. In 2021, he authored a Microservices Security course with Udacity that has been enjoyed by over 2,000 students.

Shrikant Pandhare is an engineering manager, leading infrastructure security at Snap, Inc. He is passionate about cloud security monitoring, cross-cloud access patterns, Kubernetes security, and securing a cloud fleet at scale. Previously, Pandhare led security initiatives at Splunk. He has also helped to secure middleware applications and build the cloud identity service at Oracle.

Michael Anderson is a security engineer and one of the founding members of the production security team at Snapchat. Anderson has presented at several national conferences, including DEFCON. He also started the Kubernetes Security team at Snapchat, leading the security effort on new infrastructure models.