A Guide to CNAPPs and the Foundations of Comprehensive Cloud Security
Russ Miles, Stephen Giguere, Taylor Smith

#Cloud
#Cloud_Native
#CNAPP
#DevSecOps
#SecOps
Cloud native security isn't a game for individual players. It requires team collaboration with a platform that can help cloud security engineers, developers, and operations people do their best work. That's what the cloud native application protection platform (CNAPP) delivers. With this practical guide, you'll learn how CNAPPs can help you consolidate security through DevSecOps across cloud native technologies, practices, and application lifecycles.
Through real-life attack scenarios, authors Russ Miles, Steve Giguere, and Taylor Smith help you explore how CNAPP not only mitigates multidimensional threats, but also reduces complexity and helps your team stay one step ahead of attackers. CNAPP provides a holistic approach to your cloud native development across identities, workloads, networks, and infrastructure.
With this book, you will:
Greetings, cloud security champions! Are you tired of juggling a million different security tools, chasing shadows, and drowning in a sea of alerts? Fret no more because Cloud Native Application Protection Platforms has arrived. This book will revolutionize the way you secure your cloud kingdom.
This isn’t your grandpa’s dusty security manual. We’re ripping down silos and shattering the chains of fragmented information. This book is your one-stop shop for everything CNAPP.
So, buckle up, and welcome. This is your passport to a world of streamlined security, unified teams, and crystal-clear threat visibility. Let’s conquer the cloud and make it a fortress against cyber villains!
Who Should Read This Book
Security is everyone’s job, and this book has something for all technology areas, from DevOps to SecOps, but most certainly, it is for those daring to secure the murky waters of cloud native application development. The book does assume that users have a basic understanding of the cloud native ecosystem.
Why We Wrote This Book
The acronym soup for securing cloud native applications has reached a tipping point. When research and consulting firm Gartner coined the acronym CNAPP, for Cloud Native Application Protection Platform, a solution was brewing. One acronym to rule them all! Our industry scrambled to define what a CNAPP was, and further confusion ensued. In this book, we seek to bring clarity not only to the technological advantages of the platform solution for cloud native security, but also to the cultural advantages.
Table of Contents
Chapter 1. Cloud Security, the Collaborative Game
Chapter 2. Playing to Win with Context and Collaboration
Chapter 3. A Shadow Cloud Emerges: Immediate Visibility, Maintaining Control
Chapter 4. Preventing Risk Early
Chapter 5. Securing Your Supply Chain
Chapter 6. Continuous Delivery, Continuous Insecurity
Chapter 7. Protecting Your Runtime
Chapter 8. Data Security Posture Management
Chapter 9. Building a CNAPP Culture
About the Authors
Russ Miles is an international speaker, trainer and author. Most recently he published Learning Chaos Engineering with O'Reilly. He also delivers public and private courses on Chaos Engineering and Resilience Engineering around the world and online for O'Reilly Media.
Steve started his cybersecurity life by being kicked out of his high school computing class for privilege escalation on the school Unix system. He changed all the passwords to "peaches" (his friend's dog's name). But that was a long time ago.
Since then he has experienced a wide breadth of technologies throughout a career in the aero, telecoms and automotive industries improving quality, safety, velocity and efficiency.
Currently, he is enjoying life as a Cloud Security Advocate, specialising in Cloud and Infrastructure Security Automation. Prior to this, he was a Solution Architect for several cybersecurity companies, specialising in container and Kubernetes security and establishing DevSecOps best practices for enterprise CI/CD pipelines.
He also is an avid podcaster with personal podcasts Codifyre and CoSeCast. He co-runs the DevSecOps London Gathering meet-up. In his spare time, he plays the guitar and represents Great Britain playing Ultimate Frisbee!
Taylor Smith is a principal product manager at Palo Alto Networks specializing in Cloud Application Security. He is passionate about building products users love, DevSecOps principles, and making technical topics more accessible to broader audiences. Prior to joining Palo Alto Networks, Taylor held product and strategy roles at NetApp, Cisco, and Gremlin. When not behind a keyboard, he can be found outside swimming or hiking with his family.









