Identity Security for Software Development: Best Practices That Every Developer Must Know (Paperback)
暫譯: 軟體開發中的身份安全:每位開發者必知的最佳實踐 (平裝本)
Walsh, John, Ailon, Uzi, Barker, Matt
買這商品的人也買了...
-
$700Professional Scrum Development with Microsoft Visual Studio 2012 (Paperback) -
Arduino 官方正版 Genuino 101$1,700$1,700 -
$958深度學習 -
Raspberry Pi 3 Model B+ (UK製)$1,505$1,474 -
$1,320Deep Learning with JavaScript: Neural Networks in Tensorflow.Js -
Web 開發者一定要懂的駭客攻防術 (Web Security for Developers: Real Threats, Practical Defense)$420$331 -
資料科學的統計實務 : 探索資料本質、扎實解讀數據,才是機器學習成功建模的第一步$599$509 -
資安這條路:領航新手的 Web Security 指南,以自建漏洞環境學習網站安全(iT邦幫忙鐵人賽系列書)$680$578 -
Martin Fowler 的企業級軟體架構模式:軟體重構教父傳授 51個模式,活用設計思考與架構決策 (Patterns of Enterprise Application Architecture)$800$624 -
我懂了!專案管理 (暢銷紀念版)$400$316 -
電腦視覺機器學習實務|建立端到端的影像機器學習 (Practical Machine Learning for Computer Vision: End-To-End Machine Learning for Images)$780$616 -
Learning Blazor: Build Single-Page Apps with Webassembly and C# (Paperback)$2,185$2,070 -
ASP.NET Core Razor Pages in Action (Paperback)$2,160$2,052 -
OAuth 2.0 從入門到實戰:利用驗證和授權守護 API 的安全$600$420 -
DevOps Handbook |打造世界級技術組織的實踐指南, 2/e (中文版) (The Devops Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations, 2/e)$650$455 -
JavaScript 設計模式學習手冊, 2/e (Learning JavaScript Design Patterns: A JavaScript and React Developer's Guide, 2/e)$580$458 -
超圖解 ESP32 應用實作$820$647 -
OpenTelemetry 入門指南:建立全面可觀測性架構(iThome鐵人賽系列書)【軟精裝】$750$525 -
資料庫內部原理|深入了解分散式資料系統的運作方式$780$616 -
無瑕的程式碼 軟體工匠篇:程式設計師必須做到的紀律、標準與倫理 (Clean Craftsmanship: Disciplines, Standards, and Ethics)$720$561 -
Grokking Relational Database Design (Paperback)$1,750$1,662 -
從源頭就優化 - 動手開發自己的編譯器實戰$880$695 -
Beyond Vibe Coding: From Coder to Ai-Era Developer (Paperback)$2,327$2,205 -
UX 商業價值實現之道|打造成功的數位產品服務 (UX for Business: How to Design Valuable Digital Companies)$780$616 -
建構可擴展系統|設計分散式架構 (Foundations of Scalable Systems: Designing Distributed Architectures)$780$616
商品描述
Maintaining secrets, credentials, and nonhuman identities in secure ways is an important, though often overlooked, aspect of secure software development. Cloud migration and digital transformation have led to an explosion of nonhuman identities--like automation scripts, cloud native apps, and DevOps tools--that need to be secured across multiple cloud and hybrid environments.
DevOps security often addresses vulnerability scanning, but it neglects broader discussions like authentication, authorization, and access control, potentially leaving the door open for breaches. That's where an identity security strategy focused on secrets management can help.
In this practical book, authors John Walsh and Uzi Ailon provide conceptual frameworks, technology overviews, and practical code snippets to help DevSecOps engineers, cybersecurity engineers, security managers, and software developers address use cases across CI/CD pipelines, Kubernetes and cloud native, hybrid and multicloud, automation/RPA, IOT/OT, and more. You'll learn:
- The fundamentals of authentication, authorization, access control, and secrets management
- What developers need to know about managing secrets and identity to build safer apps
- What nonhuman identities, secrets, and credentials are--and how to secure them
- How developers work with their cross-function peers to build safer apps
- How identity security fits into modern software development practices
商品描述(中文翻譯)
維護秘密、憑證和非人類身份的安全方式是安全軟體開發中一個重要但常被忽視的方面。雲端遷移和數位轉型導致非人類身份的激增,例如自動化腳本、雲原生應用程式和 DevOps 工具,這些都需要在多個雲端和混合環境中進行安全管理。
DevOps 安全通常會處理漏洞掃描,但卻忽略了更廣泛的討論,如身份驗證、授權和存取控制,這可能會留下安全漏洞。因此,專注於秘密管理的身份安全策略可以提供幫助。
在這本實用的書中,作者 John Walsh 和 Uzi Ailon 提供了概念框架、技術概述和實用的程式碼片段,以幫助 DevSecOps 工程師、網路安全工程師、安全經理和軟體開發人員解決 CI/CD 管道、Kubernetes 和雲原生、混合和多雲、自動化/RPA、物聯網/運營技術等領域的使用案例。您將學到:
- 身份驗證、授權、存取控制和秘密管理的基本原則
- 開發人員在管理秘密和身份以建立更安全的應用程式時需要知道的事項
- 什麼是非人類身份、秘密和憑證,以及如何保護它們
- 開發人員如何與跨功能同事合作以建立更安全的應用程式
- 身份安全如何融入現代軟體開發實踐中
