Running your systems in the cloud doesn’t automatically make them secure. To create secure applications and infrastructure on AWS, you need to understand the tools and features the platform provides and learn new approaches to configuring and managing them. Written by security engineer Dylan Shields, AWS Security provides comprehensive coverage on the key tools and concepts you can use to defend AWS-based systems. You’ll learn how to honestly assess your existing security protocols, protect against the most common attacks on cloud applications, and apply best practices to configuring Identity and Access Management and Virtual Private Clouds.
about the technology
Rapid iteration, easy scaling, and huge savings have caused a mass migration to AWS. However, running in the cloud requires you to modify the security practices you use in on-prem infrastructure. Users of AWS who fail to adapt run the risk of exposing their business and their customers to an attack. Luckily, AWS comes with a stack of tools and services that offer a high level of control over your cloud security.
about the book
AWS Security is an invaluable guide that you’ll want to have on hand when you’re facing any cloud security problem. With a cookbook-style delivery, it’s filled with well-documented examples and procedures you can apply to common AWS security issues. This book covers best practices for access policies, data protection, auditing, continuous monitoring, and incident response. You’ll also explore several deliberately insecure applications, including a social media site and a mobile app, learning the exploits and vulnerabilities commonly used to attack them and the security practices to counter those attacks. With this practical primer, you’ll be well prepared to evaluate your system’s security, detect threats, and respond with confidence.
Securely grant access to AWS resources to coworkers and customers
Develop policies for ensuring proper access controls
Lock-down network controls using VPCs
Record audit logs and use them to identify attacks
Track and assess the security of an AWS account
Common attacks and vulnerabilities
about the reader
For software and security engineers building and securing AWS applications.
about the author
Dylan Shields is a software engineer working on Quantum Computing at AWS. Previously, Dylan was the first engineer on the AWS Security Hub team. He has also worked at Google Cloud, focusing on the security and reliability of their serverless data warehouse, BigQuery.
customers also reading
FREE domestic shipping on orders of three or more print books
The reference for every security engineer. A must-read and a clear recommendation.
A must read for anyone responsible for AWS security in their project or IT organizations.
A very well presented overview of AWS security by someone who clearly has deep and extensive practical experience in the field.
This book will help you understand what is going under the hood of AWS IAM in a couple of hours. Go for it.
I truly enjoyed reading the book. Dylan clearly has a firm grasp on the material and explains it well.
Full of interesting insights and useful mental models that will help you (a) understand the AWS security model, and (b) analyze and structure your threat modelling and response to best utilize AWS security primitives for your org.