Book Review: Securing DevOps

Practical advice

Throughout the book, you can find many actionable suggestions for making improvements, one small step at a time. The focus is on cloud infrastructure, specifically on AWS. Unlike other resources I’ve seen, whenever the author talks about hardening systems, he uses the CLI to set things up, and not the UI. That’s a very welcome change. If you want to create a reproducible setup, you need to use code to provision it. I would have liked it even more if it had used Terraform, but the CLI is a good compromise to make it more accessible.

Food for thought

The last part is a bit less concrete. It talks about setting up logging and intrusion detection, among other things. It is harder to show specific examples, so you can take it more as an appetizer, and seek additional sources if you want more depth. I guess those parts might be less likely to be relevant for non-security specialists, but it’s good to know about them. Threat modeling makes an appearance, although I think the way to learn about that is with practical exercises.


If you are looking for a deep treatise on algorithms, this is the wrong book. It is more of a handbook of useful recipes that can help you get started in some areas and refresh what you are already doing in others. It’s not too long, and pretty easy to digest. Let’s give it ⭐⭐⭐⭐ stars.



