Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems

Adkins, Heather, Beyer, Betsy, Blankinship, Paul

買這商品的人也買了...

商品描述

Can a system ever truly be considered reliable if it isn't fundamentally secure? In two previous O'Reilly books, experts from Google showed how reliability is fundamental to service design. Site Reliability Engineering and The Site Reliability Workbook demonstrated how and why a commitment to the entire service lifecycle enables organizations to successfully build, deploy, monitor, and maintain software systems.

Security is also crucial to the design and operation of scalable systems in production, as it plays an important part in product quality, performance, reliability, and availability. In a world where most products are connected to the internet, and with cloud technologies and machine learning becoming more prevalent, enabling security by default is increasingly important.

This book shares best practices to help an organization of any size design scalable and reliable systems that are fundamentally secure. It also offers insights into how teams across an organization can collaborate on security and reliability.

Specifically, you'll learn about:

  • Design Strategies
  • Implementation & Operations
  • Preparing for the Worst: Detection & Response
  • Scaling Security and the Organization

商品描述(中文翻譯)

一個系統如果沒有基本的安全性,它能被視為可靠嗎?在兩本O'Reilly的書中,Google的專家們展示了可靠性對服務設計的重要性。《Site Reliability Engineering》和《The Site Reliability Workbook》展示了為什麼在整個服務生命周期中承諾是使組織能夠成功建立、部署、監控和維護軟體系統的關鍵。

安全性對於可擴展系統在生產中的設計和運作也至關重要,因為它在產品品質、性能、可靠性和可用性方面扮演著重要角色。在大多數產品都連接到互聯網的世界中,隨著雲技術和機器學習的普及,默認啟用安全性變得越來越重要。

本書分享了最佳實踐,幫助任何規模的組織設計基本安全的可擴展和可靠的系統。它還提供了關於如何在組織中的各個團隊之間進行安全和可靠性合作的見解。

具體而言,您將學到以下內容:

- 設計策略
- 實施和運營
- 預防最壞情況:檢測和響應
- 安全性和組織的擴展

作者簡介

Heather Adkins is a 17-year Google veteran and founding member of the Google Security Team. As Sr Director of Information Security, she has built a global team responsible for maintaining the safety and security of Google's networks, systems and applications. She has an extensive background in systems and network administration with an emphasis on practical security, and has worked to build and secure some of the world's largest infrastructure. She now focuses her time primarily on the defense of Google's computing infrastructure and working with industry to tackle some of the greatest security challenges.

Betsy Beyer is a Technical Writer for Google Site Reliability Engineering in NYC, and the editor of Site Reliability Engineering: How Google Runs Production Systems and The Site Reliability Workbook. She has previously written documentation for Google's Data Center and Hardware Operations Teams in Mountain View and across its globally-distributed data centers. Before moving to New York, Betsy was a lecturer on technical writing at Stanford University. En route to her current career, Betsy studied International Relations and English Literature, and holds degrees from Stanford and Tulane.

Paul Blankinship manages the Technical Writing team for Google's Security and Privacy Engineering group. He's previously written documentation for Google Web Designer, and helped develop Google's internal security and privacy policies.

Piotr Lewandowski is a Staff Site Reliability Engineer, responsible for the security of Google's Production infrastructure and ensuring harmonious collaboration between the SRE and the Security organizations. He is also one of the responders for large-scale incidents. In his previous role he led a team responsible for the reliability of Google's critical security infrastructure. Prior to joining Google 8 years ago, he worked at CERT Polska, owned a software company and graduated from Warsaw University of Technology with a degree in Computer Science.

Ana Oprea specializes in Site Reliability Engineering, Security, and planning and strategy for Google's Technical Infrastructure - a role that follows naturally from her previous experience as a Software Developer, Technical Consultant, and Network Admin. After working and studying in Germany, France, and Romania, she accounts for different cultural approaches when facing any challenge.

Adam Stubblefield is a Distinguished Engineer and the Horizontal Lead for Security at Google. Over the past 8 years, he's led teams that have built much of Google's core security infrastructure. Adam has a PhD in Computer Science from Johns Hopkins.

作者簡介(中文翻譯)

Heather Adkins是Google的資深成員,也是Google安全團隊的創始成員之一。作為資訊安全高級總監,她建立了一個全球團隊,負責維護Google的網絡、系統和應用程式的安全。她在系統和網絡管理方面擁有豐富的背景,尤其注重實際安全,並致力於建立和保護一些世界上最大的基礎設施。她現在主要專注於保護Google的計算基礎設施,並與業界合作應對一些最大的安全挑戰。

Betsy Beyer是Google Site Reliability Engineering的技術作家,也是《Site Reliability Engineering: How Google Runs Production Systems》和《The Site Reliability Workbook》的編輯。她曾經為Google在Mountain View和全球分佈的數據中心的數據中心和硬件運營團隊撰寫文檔。在搬到紐約之前,Betsy在斯坦福大學擔任技術寫作講師。在她現在的職業生涯之前,Betsy學習國際關係和英國文學,並擁有斯坦福大學和杜蘭大學的學位。

Paul Blankinship管理Google安全和隱私工程團隊的技術寫作團隊。他之前曾為Google Web Designer撰寫文檔,並協助開發Google的內部安全和隱私政策。

Piotr Lewandowski是Google的高級現場可靠性工程師,負責保護Google的生產基礎設施,並確保SRE和安全組織之間的和諧合作。他還是大規模事件的應對人員之一。在之前的職位上,他領導了一個負責Google關鍵安全基礎設施可靠性的團隊。在8年前加入Google之前,他在CERT Polska工作,擁有一家軟件公司,並從華沙理工大學獲得計算機科學學位。

Ana Oprea專注於Site Reliability Engineering、安全和Google技術基礎設施的規劃和策略,這是她之前作為軟件開發人員、技術顧問和網絡管理員的經驗的自然延伸。在德國、法國和羅馬尼亞工作和學習之後,她在面對任何挑戰時考慮到不同的文化方法。

Adam Stubblefield是Google的杰出工程師,也是Google安全領域的橫向負責人。在過去的8年中,他領導了許多構建Google核心安全基礎設施的團隊。Adam擁有約翰霍普金斯大學的計算機科學博士學位。