Cloud Security Fundamentals : Building the Foundations for Secure Cloud Platforms.

Format:

Book

Author/Creator:

Edwards, Jason.

Language:

English

Subjects (All):

Cloud computing--Security measures.

Physical Description:

1 online resource (467 pages)

Edition:

1st ed.

Place of Publication:

Newark : John Wiley & Sons, Incorporated, 2026.

Summary:

A hands-on toolkit for securing contemporary cloud environments In Cloud Security Fundamentals: Building the Foundations for Secure Cloud Platforms , cybersecurity leader and educator, Jason Edwards, delivers a comprehensive guide to safeguarding data, applications, and infrastructure in the cloud.

Contents:

Cover

Title Page

Copyright

Contents

Preface

Acknowledgments

1: The Strategic Importance of Cloud Security

Cloud as the Default Operating Model

Business Drivers and Return on Security Investment

Evolving Risk Landscape in Cloud Contexts

Misconceptions and Shared Responsibility Realities

Cloud Security as a Business Enabler

Strategic Alignment Between Security and Enterprise Goals

Conclusion

Recommendations

2: Foundations of Cloud Computing

Historical Roots and Computing Paradigms

Core Cloud Service Models

Deployment Models

Enabling Technologies: APIs, Virtualization, and Containers

IaC and Automation Foundations

Cloud Economic Models and Abstraction Layers

Cloud Provider Ecosystems and Market Differentiation

3: The Modern Cloud Security Landscape

Emerging Threats in Cloud Environments

Cloud-specific Vulnerabilities and Attack Vectors

Deep Dive: Shared Responsibility Model by Service Tier

Limitations of Legacy Security Models in Cloud Contexts

Security Investment Patterns and Innovation Drivers

Cloud Security Maturity and Adoption Models

4: Secure Cloud Architecture and Design

Secure-by-design Principles for Cloud Infrastructure

Identity, Trust Boundaries, and Access Zones

Resilience, Redundancy, and High-availability Design

Secure Networking and Micro-segmentation Models

Data Flow Mapping, Isolation, and Asset Tiering

Avoiding Cloud Security Anti-patterns

Compliance-ready Architectural Planning

5: Identity and Access Management (IAM) in the Cloud

Identity as the Security Perimeter

Authentication Protocols and Adaptive Techniques

Authorization Models: RBAC, ABAC, and Fine-grained Access.

Privileged Access Management (PAM) at Cloud Scale

Lifecycle Automation for Identity Provisioning and Decommissioning

IAM Risks: Misconfigurations, Sprawl, and Abuse

Foundational IAM Architecture and Operational Best Practices

6: Securing Data in Cloud Environments

Data Classification and Inventory Across Cloud Assets

Encryption in Transit, at Rest, and in Use

Key Management: HSMs, KMS, Rotation, and Escrow

Data Residency, Sovereignty, and Jurisdictional Compliance

Backup, Archival, and Disaster Recovery for Data

DLP and Leak Surface Reduction

7: Monitoring, Detection, and Incident Management

Foundations of Logging and Security Telemetry in the Cloud

Threat Detection: Real-time Event Correlation and Context

Security Monitoring Across Multicloud Architectures

Incident Detection and Early Escalation Strategies

Automation and Orchestration in Incident Response

Metrics, KPIs, and Threat Intelligence Integration

Post-Incident Review and Root Cause Analysis

8: Security Automation and DevSecOps

DevSecOps Principles and Security Integration Models

Secure CI/CD Pipeline Design and Control Points

IaC Security and Policy-as-Code

Managing Secrets in Automated Development Workflows

Automating Compliance Validation in Build Pipelines

Governance Enforcement Through DevSecOps Tooling

9: Advanced Architectures and Specialized Domains

Container Security and Kubernetes Hardening

Serverless and Event-driven Architecture Security

API Security: Design, Authentication, and Rate Limiting

Supply Chain and Dependency Risk in Cloud Applications

Implementing Zero Trust in Cloud-native Environments

Security for Edge, IoT, and Distributed Cloud Models.

Resilience Engineering and Chaos Security Practices

10: Cloud Governance, Risk, and Compliance (GRC)

Foundations of Cloud Governance Structures

Enterprise Cloud Risk Management Frameworks

Mapping Regulatory Frameworks to Cloud Controls

Cloud Audit Preparedness and Evidence Collection

SaaS and Third-party Governance Risk Strategies

11: Cloud Hardening and Configuration Management

Core Principles of Secure Configuration and Hardening

Baseline Standards for Operating Systems and VMs

Container and Kubernetes Configuration Security

Hardening PaaS and Managed Cloud Services

Endpoint, Client, and Remote Access Configuration

IaC for Baseline Enforcement

Continuous Validation and Drift Detection Workflows

12: Cloud Security Testing and Validation

Security Testing Methodologies in Cloud Contexts

Continuous Vulnerability Assessment and Remediation

Cloud-aware Penetration Testing and Provider Constraints

Security Testing in DevSecOps Pipelines (SAST/DAST/IAST

External Testing, Bug Bounties, and Researcher Coordination

Purple Teaming, Simulated Attacks, and Threat-informed Defense

13: Secrets Management and Sensitive Asset Protection

Defining Secrets and Sensitive Credentials in the Cloud

Secure Secrets Lifecycle: Creation to Deletion

Centralized vs. Decentralized Secrets Management Models

Secrets Management in DevOps and CI/CD Workflows

JIT Access and Privileged Credential Rotation

Automating Secrets Management at Scale

14: Cloud Network Security

Virtual Networking Foundations and Isolation Models

Network Segmentation, Routing, and Secure Zones

Cloud Firewall Configuration and Access Control Enforcement.

Web Application Firewalls (WAF) and API Gateway Security

Secure Remote Access and Hybrid Connectivity Architectures

Traffic Logging, Packet Inspection, and Anomaly Detection

Distributed Denial of Service (DDoS) Protection, SDN, and Edge Network Security Techniques

15: Identity Federation and Multicloud Access Integration

Identity Federation Concepts and Cross-domain Trust Models

Federation Protocols: SAML, OAuth, and OIDC

Federation Architecture in Multicloud and Hybrid Environments

Designing Secure and Scalable SSO Systems

Securing Federated Sessions, Assertions, and Tokens

Governance, Logging, and Compliance for Federated Access

16: Serverless and Microservices Security

Core Concepts of Serverless and Microservices Architectures

Shared Responsibility in Serverless Execution Models

Authentication and Authorization Across Microservices

API Gateway Protection and Request Validation Techniques

Securing Events, Queues, and Triggers in Asynchronous Systems

Secrets and Data Handling in Ephemeral Execution Environments

Runtime Monitoring and Isolation for Distributed Workloads

17: Data Privacy, Residency, and Protection Obligations

Privacy Fundamentals in Cloud Contexts

Data Residency, Localization, and Jurisdictional Compliance

Applying Privacy by Design in Cloud Architectures

Minimization, Pseudonymization, and Retention Strategies

Subject Access Requests and Erasure Protocols

Privacy Risk Assessment and Breach Notification Planning

18: Cloud Compliance and Regulatory Readiness

Regulatory Scope and Interpretation for Cloud Services

Mapping Frameworks: FedRAMP, ISO 27017, CSA CCM, etc.

Navigating Multi-Jurisdictional and Industry-specific Regulations

Automated Compliance Monitoring and Control Validation

Evidence Collection, Documentation, and Control Traceability

Cloud Vendor Compliance Oversight and Attestation Review

Strategic Compliance Roadmapping and Governance Alignment

Conclusions

19: Cloud Risk Management and Enterprise Integration

Identifying and Categorizing Cloud Risk Vectors

Embedding Cloud Risk into Enterprise Risk Frameworks

Risk Quantification, Prioritization, and Response Planning

Third-party, SaaS, and Supply Chain Risk Management

Shadow IT, Unmanaged Assets, and Risk Discovery Techniques

20: Cloud Monitoring, Logging, and Detection

Principles of Observability in Cloud Infrastructure

Centralized Logging Strategies Across Providers

Real-Time Detection and Correlation with Native and Third-Party Tools

Cloud SIEM, SOAR, and Automation Integration

Behavioral Analytics and Anomaly Detection in Cloud Workloads

Alert Tuning, Prioritization, and False Positive Reduction

Maturity Models for Telemetry, Visibility, and Incident Readiness

21: Cloud Security Metrics and Performance Reporting

Aligning Metrics with Business and Security Objectives

Operational and Technical Metrics for Cloud Security Operations

Compliance, Audit, and Control Effectiveness Indicators

Tracking Remediation, Drift, and Security Posture Trends

Maturity Models and Continuous Metrics Optimization

22: Threat Intelligence and Attack Surface Management

Strategic Role of Threat Intelligence in Cloud Security

Discovering and Mapping the Cloud Attack Surface

Curating and Consuming External Intelligence Feeds.

Threat Modeling, Attribution, and Prioritization.

Notes:

Description based on publisher supplied metadata and other sources.

ISBN:

1-394-37776-2

1-394-37774-6

9781394377749

OCLC:

1573146411