Atnaujinkite slapukų nuostatas

Identity Security for Software Development: Building with Identity, Secrets, and Credentials [Minkštas viršelis]

, ,
  • Formatas: Paperback / softback, 250 pages, aukštis x plotis: 233x178 mm
  • Išleidimo metai: 16-May-2025
  • Leidėjas: O'Reilly Media
  • ISBN-10: 1098158032
  • ISBN-13: 9781098158033
Kitos knygos pagal šią temą:
Identity Security for Software Development: Building with Identity, Secrets, and CredentialsDidesnis paveikslėlis
  • Formatas: Paperback / softback, 250 pages, aukštis x plotis: 233x178 mm
  • Išleidimo metai: 16-May-2025
  • Leidėjas: O'Reilly Media
  • ISBN-10: 1098158032
  • ISBN-13: 9781098158033
Kitos knygos pagal šią temą:
Pastovi nuoroda: https://www.kriso.lt/db/9781098158033.html

Maintaining secrets, credentials, and nonhuman identities in secure ways is an important, though often overlooked, aspect of secure software development. Cloud migration and digital transformation have led to an explosion of nonhuman identities—like automation scripts, cloud native apps, and DevOps tools—that need to be secured across multiple cloud and hybrid environments.

DevOps security often addresses vulnerability scanning, but it neglects broader discussions like authentication, authorization, and access control, potentially leaving the door open for breaches. That's where an identity security strategy focused on secrets management can help.

In this practical book, authors John Walsh and Uzi Ailon provide conceptual frameworks, technology overviews, and practical code snippets to help DevSecOps engineers, cybersecurity engineers, security managers, and software developers address use cases across CI/CD pipelines, Kubernetes and cloud native, hybrid and multicloud, automation/RPA, IOT/OT, and more. You'll learn:

  • The fundamentals of authentication, authorization, access control, and secrets management
  • What developers need to know about managing secrets and identity to build safer apps
  • What nonhuman identities, secrets, and credentials are—and how to secure them
  • How developers work with their cross-function peers to build safer apps
  • How identity security fits into modern software development practices

John Walsh is a distinguished authority in software security, with over 15 years of experience in various roles within enterprise security companies. From software developer to product manager, product marketing, and open-source community manager, his diverse background has equipped him with a comprehensive understanding of securing the entire software supply chain. This unique perspective enables him to communicate the intricacies of enterprise software security with clarity and depth, catering to both technical and non-technical audiences. Uzi is a seasoned software engineering professional with over 25 years of experience, including 15 years focused on customer engagement and sales. With deep expertise in the entire software development lifecycle, security, and DevOps, Uzi understands the business objectives of Fortune 500 companies and the unique challenges enterprises face in balancing innovation with security. Matt was co-founder & CEO of Jetstack, best known for its open source project 'cert-manager', which is downloaded millions of times a day to secure cloud native infrastructure. He now leads Workload Identity Architecture for CyberArk.