Serverless Security: Understand, Assess, and Implement Secure and Reliable Applications in Aws, Microsoft Azure, and Google Cloud (Paperback)

Introduction

Part I: The Need for Security

Chapter 1: Determining Scope

Understanding the Application

Scoping

Chapter 2: Performing a Risk Assessment

Understanding the Threat Landscape

Threat Modeling

Preparing the Risk Assessment

Part II: Securing the Application

Chapter 3: Securing the Code

Assessing Dependencies

Using Static Code Analysis Tools

Writing Unit Tests

Chapter 4: Securing the Interfaces

Identifying the Interfaces

Determining the Interface Inputs

Reducing the Attack Surface

Chapter 5: Securing the Code Repository

Using a Code Repository

Limiting Saved Content

Part III: Securing the Infrastructure

Chapter 5: Restricting Permissions

Understanding Permissions

Identifying the Services

Updating the Permissions

Chapter 6: Account Management

Understanding Account Access

Restricting Account Access

Implementing Multi-Factor Authentication

Part IV: Monitoring and Alerting

Chapter 7: Monitoring Logs

Understanding Logging Methods

Reviewing Logs

Chapter 8: Monitoring Metrics

Understanding Metrics

Reviewing Metrics

Chapter 9: Monitoring Billing

Reviewing Billing

Chapter 10: Monitoring Security Events

Understanding Security Events

Reviewing Security Event

Chapter 10: Alerting

Understanding Alerting

Implementing Alerting

Chapter 11: Auditing

Understanding Auditing

Implementing Auditing

Chapter 12: Finalizing the Risk Assessment

Scoring the Identified Risks

Defining the Mitigation Steps

Assessing the Business Impact

Determining the Overall Security Risk Level