Cloud native security isn't a game for individual players. It requires team collaboration with a platform that can help cloud security engineers, developers, and operations people do their best work. That's what the cloud native application protection platform (CNAPP) delivers. With this practical guide, you'll learn how CNAPP can help you consolidate security through DevSecOps across cloud native technologies, practices, and application lifecycles.
Through real-life attack scenarios, authors Russ Miles, Taylor Smith, and Steve Giguere help you explore how CNAPP not only mitigates multidimensional threats, but also reduces complexity and helps your team stay one step ahead of attackers. CNAPP provides a holistic approach to your cloud native development across identities, workloads, networks, and infrastructure.
You'll explore:
- Threats to different parts of the cloud native stack, including pipelines, supply chains, infrastructure, workloads, and applications
- What CNAPP is and how it enables the context-sharing and collaboration necessary to secure your applications from development to runtime
- How to assess your own attack surface from a code and runtime standpoint
- How to identify blind spots in your existing cloud native security coverage
- How to leverage CNAPP to achieve a holistic, collaborative security environment
About the Authors
Russ Miles is an international speaker, trainer and author. Most recently he published
Learning Chaos Engineering with O'Reilly. He also delivers public and private courses on Chaos Engineering and Resilience Engineering around the world and online for O'Reilly Media. He is currently Head of Engineering at Segovia Technology.
Taylor Smith is a Senior Product Marketing Manager for Prisma Cloud at Palo Alto Networks, covering shift left and container security. He helps customers integrate security into DevOps tooling and processes to secure the entire cloud native application stack. Previously, he held product marketing and strategy positions at Gremlin, Cisco, and NetApp.
Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school Unix system. He changed all the passwords to "peaches" (his friend's dog's name). But that was a long time ago.
Since then he has experienced a wide breadth of technologies throughout a career in the aero, telecoms and automotive industries improving quality, safety, velocity and efficiency.
Currently, he is enjoying life as a Cloud Security Advocate with Prisma Cloud by Palo Alto, specialising in Cloud and Infrastructure Security Automation. Prior to this, he was a Solution Architect for several cybersecurity companies, specialising in container and Kubernetes security and establishing DevSecOps best practices for enterprise CI/CD pipelines.
He also is an avid podcaster with personal podcasts Codifyre and CoSeCast. He co-runs the DevSecOps London Gathering meet-up. In his spare time, he plays the guitar and represents Great Britain playing Ultimate Frisbee!