This book covers the core principles and advanced practices for securing cloud-native environments. It’s organized to follow the lifecycle of a cloud-native

application—from design to development, deployment, and operations. You’ll learn how to:

■■Understand the shared responsibility model and apply it across different cloud service types (IaaS, PaaS, SaaS)

■■ Secure containerized workloads using Kubernetes, Docker, and container orchestration platforms

■■ Integrate security into CI/CD pipelines with DevSecOps best practices

■■ Leverage cloud-native security services from major providers like AWS, Azure, and Google Cloud

■■ Implement identity and access management, secrets management, and Zero Trust in cloud environments

■■Detect and respond to threats with cloud-native SIEMs, CNAPPs, and runtime security tools

■■Navigate compliance and governance frameworks tailored to cloud-native workloads Along the way, you’ll find case studies, design patterns, reference architectures, and actionable checklists to apply in real environments.

Who Should Read This Book

This book is for professionals at the intersection of security, cloud, and development. Whether you wear the hat of:

■■ Security professionals: Those tasked with safeguarding organizational assets will find actionable strategies to implement robust security measures in cloud-native environments.

■■ Software developers and DevOps engineers: As the lines between development and operations blur, understanding security becomes imperative. This book offers insights into integrating security practices seamlessly into the development lifecycle.

■■ Cloud architects: Professionals responsible for designing and implementing cloud infrastructures will benefit from the in-depth exploration of secure architectural patterns and best practices.

■■ IT managers and decision-makers: Leaders seeking to make informed decisions about cloud adoption and risk management will gain a comprehensive understanding of the challenges and solutions in cloud-native

Table of Contents

Chapter 1 Introduction to Cloud-Based Containers

Chapter 2 Cloud-Native Kubernetes: Azure, GCP, and AWS

Chapter 3 Understanding the Threats Against Cloud-Based Containerized Environments

Chapter 4 Secure Cloud Container Platform and Container Runtime

Chapter 5 Secure Application Container Security in the Cloud

Chapter 6 Secure Monitoring in Cloud-Based Containers

Chapter 7 Kubernetes Orchestration Security

Chapter 8 Zero Trust Model for Cloud Container Security

Chapter 9 DevSecOps in Cloud-Based Container Platform

Chapter 10 Application Modernization with Cloud Containers

Chapter 11 Compliance and Governance in Cloud-Based Containers

Chapter 12 Case Studies and Real-World Examples in Cloud Container Security

Chapter 13 The Future of Cloud-Based Container Security

Chapter 14 Security Automation and AI in Cloud Container Security

Chapter 15 Cloud Container Platform Resiliency

Appendix A Glossary of Cloud and Container Security Terms

Appendix B Resources for Further Reading on Cloud-Based Containers

Appendix C Cloud-Specific Tools and Platforms for Container Security

About the Authors

Sina Manavi is a distinguished cloud security leader, strategist, and technology executive with over 17 years of experience in cloud security, IT infrastructure, and cybersecurity governance. As the Global Head of Cloud Security at DHL IT Services, he leads enterprise-wide security programs, cloud security frameworks, and risk management strategies for one of the world’s largest logistics and transportation companies.

Abbas Kudrati is a renowned cybersecurity leader, bestselling author, educator, and trusted advisor with more than two decades of experience in cybersecurity, identity security, governance, risk management, and compliance (GRC). Currently serving as the Chief Identity Security Advisor for APAC at Silverfort, Abbas works closely with enterprises, government agencies, and security leaders to drive identity security strategies, Zero Trust adoption, and advanced cloud security frameworks.

Muhammad Aizuddin Zali is a cloud security architect, DevSecOps advocate, and technology strategist with extensive expertise in container security, Kubernetes security, and cloud-native application protection. As a Principal Architect and Team Manager at DHL IT Services, he plays a pivotal role in designing and securing enterprise cloud environments, ensuring resilience, compliance, and security automation.