Empirical Cloud Security Second Edition: Practical Intelligence to Evaluate Risks and Attacks

The second edition of the book has been updated with the latest research and developments in the field of cloud security. The content has been refined and streamlined to make it more accessible and engaging for readers. The book is designed for security and risk assessment professionals, DevOps engineers, penetration testers, cloud security engineers, and cloud software developers who are interested in learning practical approaches to cloud security. It covers practical strategies for assessing the security and privacy of your cloud infrastructure and applications and shows how to make your cloud infrastructure secure to combat threats, attacks, and prevent data breaches. The chapters are designed with a granular framework, starting with the security concepts, followed by hands-on assessment techniques based on real-world studies, and concluding with recommendations including best practices.

Features
+Updated with the latest research and developments in the field of cloud security
+Includes practical strategies for assessing the security and privacy of your cloud infrastructure and applications
+Covers topics such as cloud architecture and security fundamentals, database and storage security, data privacy, security and risk assessments, controls related to continuous monitoring, and more
+Presents new case studies revealing how threat actors abuse and exploit cloud environments to spread malware and includes preventative measures

Table of Contents
1: Cloud Architecture and Security Fundamentals. 2: IAM for Authentication and Authorization. 3: Cloud Infrastructure. 4: Database and Storage Services. 5: Design and Analysis of Cryptography Controls. 6: Cloud Applications. 7: Cloud Monitoring and Logging. 8: Privacy in the Cloud. 9: Cloud Security and Privacy: Flaws, Attacks, and Impact Assessments. 10: Malicious Code in the Cloud. 11. Threat Intelligence and Malware Protection in the Cloud. Appendices. Index.

About the Author
Aditya K. Sood (PhD) is a cybersecurity practitioner with more than 15 years of experience working with cross-functional teams, management, and customers to create the best-of-breed information security experience. His articles have appeared in magazines and journals, including IEEE, Elsevier, ISACA, Virus Bulletin, and USENIX, and he is the author of Targeted Cyber Attacks (Syngress). He has presented his research at industry leading security conferences such as BlackHat, DEFCON, Virus Bulletin, and others.