Zero Trust Security Engineering: A Zero Trust approach to engineering security in your products (English Edition)

Patil, Mahesh

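  • Publisher: BPB Publications
  • Publication date: 2025-12-25
  • Price: $1,630
  • VIP price: $1,548 (95% of list price)
  • Language: English
  • Pages: 384
  • Binding: Quality Paper - also called trade paper
  • ISBN: 9365894379
  • ISBN-13: 9789365894370
  • Related category: Penetration-test
  • Overseas special-order book (requires separate checkout)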

Product description

The modern digital landscape demands a radical shift from traditional perimeter defenses, making Zero Trust security the essential framework for survival. This book provides a practical, engineering-focused guide to this model, establishing that security is an organizational responsibility.

The book systematically covers the Zero Trust Architecture and its six core pillars. You will learn to implement shift left security to protect your code and supply chain, and achieve network de-perimeterisation through effective segmentation. The book details protecting your most valuable asset, data, through encryption at rest and in transit, establishing continuous vulnerability management using tools (SCA, OSS), and maintaining operational integrity with SIEM-based continuous monitoring and incident response frameworks. Finally, it applies the framework to specialized contexts like container security and AI/ML models, concluding with strategies for managing complexity and ensuring compliance with global regulatory frameworks.

By the end of this book, you will gain a deep, risk-based mastery of the entire Zero Trust lifecycle. You will be fully equipped to design, implement, and govern highly secure systems, confidently managing technical tradeoffs and transforming your organization's security posture to thrive against advanced threats.

What you will learn

● Implement the Zero Trust model across all application development stages.

● Apply secure coding practices to fortify your software supply chain.

● Establish robust, modern identity and access management for all users.

● Adopt comprehensive data security policies protecting data at rest and in transit.

● Implement continuous monitoring and vulnerability management for proactive defense.

● Apply Zero Trust best practices to secure containers and AI technologies.

● Balance security goals with compliance and risk management frameworks effectively.

Who this book is for

This book is essential for developers (front-end, back-end, AI/ML), data engineers, infrastructure engineers, product leaders, and senior executives. Readers should have a basic understanding of software development, cloud operations, and organizational security challenges.

Table of Contents

1. Understanding Zero Trust

2. Architecture and Pillars of Zero Trust

3. Secure Your Code, Build and Deploy

4. Secure Your Identities

5. Secure Your Network

6. Secure Your Data

7. Manage Vulnerabilities

8. Continuous Monitoring

9. Container Security

10. Security in the Age of Artificial Intelligence

11. Dealing with Complexity

12. Policies, Frameworks and Compliance
